NSX-T Data Center REST API
ALBAcceptedCipherEnums (schema)
AcceptedCipherEnums type
Valid ENUM values for ALBAcceptedCipherEnums
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAcceptedCipherEnums | AcceptedCipherEnums type Valid ENUM values for ALBAcceptedCipherEnums |
string | Enum: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256 |
ALBActiveStandbySeTag (schema)
ActiveStandbySeTag type
Valid ENUM values for ALBActiveStandbySeTag
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBActiveStandbySeTag | ActiveStandbySeTag type Valid ENUM values for ALBActiveStandbySeTag |
string | Enum: ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2 |
ALBAlertScriptConfig (schema)
AlertScriptConfig
Advanced load balancer AlertScriptConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| action_script | Action script User Defined Alert Action Script. Please refer to kb.avinetworks.com for more information. |
string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBAlertScriptConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBAnalyticsPolicy (schema)
AnalyticsPolicy
Advanced load balancer AnalyticsPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| all_headers | All headers Log all headers. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| client_insights | Client insights Gain insights from sampled client to server HTTP requests and responses. Enum options - NO_INSIGHTS, PASSIVE, ACTIVE. Default value when not specified in API or module is interpreted by ALB Controller as NO_INSIGHTS. |
ALBClientInsights | Default: "NO_INSIGHTS" |
| client_insights_sampling | Client insights sampling Placeholder for description of property client_insights_sampling of obj type AnalyticsPolicy field type str type ref. |
ALBClientInsightsSampling | |
| client_log_filters | Client log filters Placeholder for description of property client_log_filters of obj type AnalyticsPolicy field type str type array. |
array of ALBClientLogFilter | |
| full_client_logs | Full client logs Placeholder for description of property full_client_logs of obj type AnalyticsPolicy field type str type ref. |
ALBFullClientLogs | |
| metrics_realtime_update | Metrics realtime update Settings to turn on realtime metrics and set duration for realtime updates. |
ALBMetricsRealTimeUpdate | |
| significant_log_throttle | Significant log throttle This setting limits the number of significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Default: "10" |
| udf_log_throttle | Udf log throttle This setting limits the total number of UDF logs generated per second for this VS on each SE. UDF logs are generated due to the configured client log filters or the rules with logging enabled. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Default: "10" |
ALBAnalyticsProfile (schema)
AnalyticsProfile
Advanced load balancer AnalyticsProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| apdex_response_threshold | Apdex response threshold If a client receives an HTTP response in less than the Satisfactory Latency Threshold, the request is considered Satisfied. It is considered Tolerated if it is not Satisfied and less than Tolerated Latency Factor multiplied by the Satisfactory Latency Threshold. Greater than this number and the client's request is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 500) edition, Essentials(Allowed values- 500) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 500. |
integer | Minimum: 1 Maximum: 30000 Default: "500" |
| apdex_response_tolerated_factor | Apdex response tolerated factor Client tolerated response latency factor. Client must receive a response within this factor times the satisfactory threshold (apdex_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| apdex_rtt_threshold | Apdex rtt threshold Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 250) edition, Essentials(Allowed values- 250) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 250. |
integer | Minimum: 1 Maximum: 2000 Default: "250" |
| apdex_rtt_tolerated_factor | Apdex rtt tolerated factor Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| apdex_rum_threshold | Apdex rum threshold If a client is able to load a page in less than the Satisfactory Latency Threshold, the PageLoad is considered Satisfied. It is considered tolerated if it is greater than Satisfied but less than the Tolerated Latency multiplied by Satisifed Latency. Greater than this number and the client's request is considered Frustrated. A PageLoad includes the time for DNS lookup, download of all HTTP objects, and page render time. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 5000) edition, Essentials(Allowed values- 5000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5000. |
integer | Minimum: 1 Maximum: 30000 Default: "5000" |
| apdex_rum_tolerated_factor | Apdex rum tolerated factor Virtual service threshold factor for tolerated Page Load Time (PLT) as multiple of apdex_rum_threshold. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| apdex_server_response_threshold | Apdex server response threshold A server HTTP response is considered Satisfied if latency is less than the Satisfactory Latency Threshold. The response is considered tolerated when it is greater than Satisfied but less than the Tolerated Latency Factor (STAR) S_Latency. Greater than this number and the server response is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 400) edition, Essentials(Allowed values- 400) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 400. |
integer | Minimum: 1 Maximum: 30000 Default: "400" |
| apdex_server_response_tolerated_factor | Apdex server response tolerated factor Server tolerated response latency factor. Servermust response within this factor times the satisfactory threshold (apdex_server_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| apdex_server_rtt_threshold | Apdex server rtt threshold Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 125) edition, Essentials(Allowed values- 125) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 125. |
integer | Minimum: 1 Maximum: 2000 Default: "125" |
| apdex_server_rtt_tolerated_factor | Apdex server rtt tolerated factor Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| client_log_config | Client log config Configure which logs are sent to the Avi Controller from SEs and how they are processed. |
ALBClientLogConfiguration | |
| client_log_streaming_config | Client log streaming config Configure to stream logs to an external server. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBClientLogStreamingConfig | |
| conn_lossy_ooo_threshold | Conn lossy ooo threshold A connection between client and Avi is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. |
integer | Minimum: 1 Maximum: 100 Default: "50" |
| conn_lossy_timeo_rexmt_threshold | Conn lossy timeo rexmt threshold A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. |
integer | Minimum: 1 Maximum: 100 Default: "20" |
| conn_lossy_total_rexmt_threshold | Conn lossy total rexmt threshold A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. |
integer | Minimum: 1 Maximum: 100 Default: "50" |
| conn_lossy_zero_win_size_event_threshold | Conn lossy zero win size event threshold A client connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 0 Maximum: 100 Default: "2" |
| conn_server_lossy_ooo_threshold | Conn server lossy ooo threshold A connection between Avi and server is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. |
integer | Minimum: 1 Maximum: 100 Default: "50" |
| conn_server_lossy_timeo_rexmt_threshold | Conn server lossy timeo rexmt threshold A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. |
integer | Minimum: 1 Maximum: 100 Default: "20" |
| conn_server_lossy_total_rexmt_threshold | Conn server lossy total rexmt threshold A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. |
integer | Minimum: 1 Maximum: 100 Default: "50" |
| conn_server_lossy_zero_win_size_event_threshold | Conn server lossy zero win size event threshold A server connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 0 Maximum: 100 Default: "2" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_adaptive_config | Enable adaptive config Enable adaptive configuration for optimizing resource usage. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| enable_advanced_analytics | Enable advanced analytics Enables Advanced Analytics features like Anomaly detection. If set to false, anomaly computation (and associated rules/events) for VS, Pool and Server metrics will be deactivated. However, setting it to false reduces cpu and memory requirements for Analytics subsystem. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_ondemand_metrics | Enable ondemand metrics Virtual Service (VS) metrics are processed only when there is live data traffic on the VS. In case, VS is idle for a period of time as specified by ondemand_metrics_idle_timeout then metrics processing is suspended for that VS. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| enable_se_analytics | Enable se analytics Enable node (service engine) level analytics forvs metrics. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| enable_server_analytics | Enable server analytics Enables analytics on backend servers. This may be desired in container environment when there are large number of ephemeral servers. Additionally, no healthscore of servers is computed when server analytics is enabled. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| enable_vs_analytics | Enable vs analytics Enable VirtualService (frontend) Analytics. This flag enables metrics and healthscore for Virtualservice. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_client_close_before_request_as_error | Exclude client close before request as error Exclude client closed connection before an HTTP request could be completed from being classified as an error. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_dns_policy_drop_as_significant | Exclude dns policy drop as significant Exclude dns policy drops from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_gs_down_as_error | Exclude gs down as error Exclude queries to GSLB services that are operationally down from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_http_error_codes | Exclude http error codes List of HTTP status codes to be excluded from being classified as an error. Error connections or responses impacts health score, are included as significant logs, and may be classified as part of a DoS attack. |
array of integer | |
| exclude_invalid_dns_domain_as_error | Exclude invalid dns domain as error Exclude dns queries to domains outside the domains configured in the DNS application profile from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_invalid_dns_query_as_error | Exclude invalid dns query as error Exclude invalid dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_issuer_revoked_ocsp_responses_as_error | Exclude issuer revoked ocsp responses as error Exclude the Issuer-Revoked OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_no_dns_record_as_error | Exclude no dns record as error Exclude queries to domains that did not have configured services/records from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_no_valid_gs_member_as_error | Exclude no valid gs member as error Exclude queries to GSLB services that have no available members from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_persistence_change_as_error | Exclude persistence change as error Exclude persistence server changed while load balancing' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_revoked_ocsp_responses_as_error | Exclude revoked ocsp responses as error Exclude the Revoked OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_server_dns_error_as_error | Exclude server dns error as error Exclude server dns error response from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_server_tcp_reset_as_error | Exclude server tcp reset as error Exclude server TCP reset from errors. It is common for applications like MS Exchange. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_sip_error_codes | Exclude sip error codes List of SIP status codes to be excluded from being classified as an error. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of integer | |
| exclude_stale_ocsp_responses_as_error | Exclude stale ocsp responses as error Exclude the Stale OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_syn_retransmit_as_error | Exclude syn retransmit as error Exclude 'server unanswered syns' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_tcp_reset_as_error | Exclude tcp reset as error Exclude TCP resets by client from the list of potential errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| exclude_unavailable_ocsp_responses_as_error | Exclude unavailable ocsp responses as error Exclude the unavailable OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_unsupported_dns_query_as_error | Exclude unsupported dns query as error Exclude unsupported dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| healthscore_max_server_limit | Healthscore max server limit Skips health score computation of pool servers when number of servers in a pool is more than this setting. Allowed values are 0-5000. Special values are 0- 'server health score is deactivated'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 20. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 5000 Default: "0" |
| hs_event_throttle_window | Hs event throttle window Time window (in secs) within which only unique health change events should occur. Allowed in Basic(Allowed values- 1209600) edition, Essentials(Allowed values- 1209600) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1209600. |
integer | Default: "1209600" |
| hs_max_anomaly_penalty | Hs max anomaly penalty Maximum penalty that may be deducted from health score for anomalies. Allowed values are 0-100. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Minimum: 0 Maximum: 100 Default: "10" |
| hs_max_resources_penalty | Hs max resources penalty Maximum penalty that may be deducted from health score for high resource utilization. Allowed values are 0-100. Allowed in Basic(Allowed values- 25) edition, Essentials(Allowed values- 25) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 25. |
integer | Minimum: 0 Maximum: 100 Default: "25" |
| hs_max_security_penalty | Hs max security penalty Maximum penalty that may be deducted from health score based on security assessment. Allowed values are 0-100. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Minimum: 0 Maximum: 100 Default: "100" |
| hs_min_dos_rate | Hs min dos rate DoS connection rate below which the DoS security assessment will not kick in. Allowed in Basic(Allowed values- 1000) edition, Essentials(Allowed values- 1000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1000. |
integer | Default: "1000" |
| hs_performance_boost | Hs performance boost Adds free performance score credits to health score. It can be used for compensating health score for known slow applications. Allowed values are 0-100. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 100 Default: "0" |
| hs_pscore_traffic_threshold_l4_client | Hs pscore traffic threshold l4 client Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0. |
number | Default: "10.0" |
| hs_pscore_traffic_threshold_l4_server | Hs pscore traffic threshold l4 server Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0. |
number | Default: "10.0" |
| hs_security_certscore_expired | Hs security certscore expired Score assigned when the certificate has expired. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. |
number | Default: "0.0" |
| hs_security_certscore_gt30d | Hs security certscore gt30d Score assigned when the certificate expires in more than 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. |
number | Default: "5.0" |
| hs_security_certscore_le07d | Hs security certscore le07d Score assigned when the certificate expires in less than or equal to 7 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.0) edition, Essentials(Allowed values- 2.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.0. |
number | Default: "2.0" |
| hs_security_certscore_le30d | Hs security certscore le30d Score assigned when the certificate expires in less than or equal to 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 4.0) edition, Essentials(Allowed values- 4.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. |
number | Default: "4.0" |
| hs_security_chain_invalidity_penalty | Hs security chain invalidity penalty Penalty for allowing certificates with invalid chain. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. |
number | Default: "1.0" |
| hs_security_cipherscore_eq000b | Hs security cipherscore eq000b Score assigned when the minimum cipher strength is 0 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. |
number | Default: "0.0" |
| hs_security_cipherscore_ge128b | Hs security cipherscore ge128b Score assigned when the minimum cipher strength is greater than equal to 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. |
number | Default: "5.0" |
| hs_security_cipherscore_lt128b | Hs security cipherscore lt128b Score assigned when the minimum cipher strength is less than 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5. |
number | Default: "3.5" |
| hs_security_encalgo_score_none | Hs security encalgo score none Score assigned when no algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. |
number | Default: "0.0" |
| hs_security_encalgo_score_rc4 | Hs security encalgo score rc4 Score assigned when RC4 algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.5) edition, Essentials(Allowed values- 2.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.5. |
number | Default: "2.5" |
| hs_security_hsts_penalty | Hs security hsts penalty Penalty for not enabling HSTS. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. |
number | Default: "1.0" |
| hs_security_nonpfs_penalty | Hs security nonpfs penalty Penalty for allowing non-PFS handshakes. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. |
number | Default: "1.0" |
| hs_security_ocsp_revoked_score | Hs security ocsp revoked score Score assigned when OCSP Certificate Status is set to Revoked or Issuer Revoked. Allowed values are 0.0-5.0. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. |
number | Default: "0.0" |
| hs_security_selfsignedcert_penalty | Hs security selfsignedcert penalty Deprecated. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. |
number | Default: "1.0" |
| hs_security_ssl30_score | Hs security ssl30 score Score assigned when supporting SSL3.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5. |
number | Default: "3.5" |
| hs_security_tls10_score | Hs security tls10 score Score assigned when supporting TLS1.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. |
number | Default: "5.0" |
| hs_security_tls11_score | Hs security tls11 score Score assigned when supporting TLS1.1 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. |
number | Default: "5.0" |
| hs_security_tls12_score | Hs security tls12 score Score assigned when supporting TLS1.2 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. |
number | Default: "5.0" |
| hs_security_tls13_score | Hs security tls13 score Score assigned when supporting TLS1.3 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. |
number | |
| hs_security_weak_signature_algo_penalty | Hs security weak signature algo penalty Penalty for allowing weak signature algorithm(s). Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. |
number | Default: "1.0" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| ondemand_metrics_idle_timeout | Ondemand metrics idle timeout This flag sets the time duration of no live data traffic after which Virtual Service metrics processing is suspended. It is applicable only when enable_ondemand_metrics is set to false. Unit is SECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 1800. |
integer | Default: "1800" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| ranges | Ranges List of HTTP status code ranges to be excluded from being classified as an error. |
array of ALBHTTPStatusRange | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBAnalyticsProfile | string | |
| resp_code_block | Resp code block Block of HTTP response codes to be excluded from being classified as an error. Enum options - AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX. |
array of ALBAnalyticsProfileRespCodeBlock | |
| sensitive_log_profile | Sensitive log profile Rules applied to the HTTP application log for filtering sensitive information. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBSensitiveLogProfile | |
| sip_log_depth | Sip log depth Maximum number of SIP messages added in logs for a SIP transaction. By default, this value is 20. Allowed values are 1-1000. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. |
integer | Minimum: 1 Maximum: 1000 Default: "20" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBAnalyticsProfileApiResponse (schema)
AnalyticsProfileApiResponse
AnalyticsProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of AnalyticsProfile Array of AnalyticsProfile |
array of ALBAnalyticsProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBAnalyticsProfileRespCodeBlock (schema)
AnalyticsProfileRespCodeBlock type
Valid ENUM values for ALBAnalyticsProfileRespCodeBlock
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAnalyticsProfileRespCodeBlock | AnalyticsProfileRespCodeBlock type Valid ENUM values for ALBAnalyticsProfileRespCodeBlock |
string | Enum: AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX |
ALBAppCookiePersistenceProfile (schema)
AppCookiePersistenceProfile
Advanced load balancer AppCookiePersistenceProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| encryption_key | Encryption key Key to use for cookie encryption. |
string | |
| prst_hdr_name | Prst hdr name Header or cookie name for application cookie persistence. |
string | Required |
| timeout | Timeout The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 20. |
integer | Minimum: 1 Maximum: 720 Default: "20" |
ALBAppLearningConfidenceLabel (schema)
AppLearningConfidenceLabel type
Valid ENUM values for ALBAppLearningConfidenceLabel
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAppLearningConfidenceLabel | AppLearningConfidenceLabel type Valid ENUM values for ALBAppLearningConfidenceLabel |
string | Enum: CONFIDENCE_VERY_HIGH, CONFIDENCE_HIGH, CONFIDENCE_PROBABLE, CONFIDENCE_LOW, CONFIDENCE_NONE |
ALBAppLearningConfidenceOverride (schema)
AppLearningConfidenceOverride
Advanced load balancer AppLearningConfidenceOverride object
| Name | Description | Type | Notes |
|---|---|---|---|
| confid_high_value | Confid high value Confidence threshold for label CONFIDENCE_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9500. |
integer | Default: "9500" |
| confid_low_value | Confid low value Confidence threshold for label CONFIDENCE_LOW. Default value when not specified in API or module is interpreted by ALB Controller as 7500. |
integer | Default: "7500" |
| confid_probable_value | Confid probable value Confidence threshold for label CONFIDENCE_PROBABLE. Default value when not specified in API or module is interpreted by ALB Controller as 9000. |
integer | Default: "9000" |
| confid_very_high_value | Confid very high value Confidence threshold for label CONFIDENCE_VERY_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9999. |
integer | Default: "9999" |
ALBAppLearningParams (schema)
AppLearningParams
Advanced load balancer AppLearningParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable_per_uri_learning | Enable per uri learning Learn the params per URI path. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| max_params | Max params Maximum number of params to learn for an application. Allowed values are 10-1000. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Minimum: 10 Maximum: 1000 Default: "100" |
| max_uris | Max uris Maximum number of URI paths to learn for an application. Allowed values are 10-10000. Default value when not specified in API or module is interpreted by ALB Controller as 500. |
integer | Minimum: 10 Maximum: 10000 Default: "500" |
| min_hits_to_learn | Min hits to learn Minimum number of occurances required for a Param to qualify for learning. Default value when not specified in API or module is interpreted by ALB Controller as 10000. |
integer | Default: "10000" |
| sampling_percent | Sampling percent Percent of the requests subjected to Application learning. Allowed values are 1-100. Unit is PERCENT. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 1 Maximum: 100 Default: "1" |
| update_interval | Update interval Frequency with which SE publishes Application learning data to controller. Allowed values are 1-60. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Minimum: 1 Maximum: 60 Default: "30" |
ALBApplicationPersistenceProfile (schema)
ApplicationPersistenceProfile
Advanced load balancer ApplicationPersistenceProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| app_cookie_persistence_profile | App cookie persistence profile Specifies the Application Cookie Persistence profile parameters. |
ALBAppCookiePersistenceProfile | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| hdr_persistence_profile | Hdr persistence profile Specifies the custom HTTP Header Persistence profile parameters. |
ALBHdrPersistenceProfile | |
| http_cookie_persistence_profile | Http cookie persistence profile Specifies the HTTP Cookie Persistence profile parameters. |
ALBHttpCookiePersistenceProfile | |
| id | Unique identifier of this resource | string | Sortable |
| ip_persistence_profile | Ip persistence profile Specifies the Client IP Persistence profile parameters. |
ALBIPPersistenceProfile | |
| is_federated | Is federated This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| persistence_type | Persistence type Method used to persist clients to the same server for a duration of time or a session. Enum options - PERSISTENCE_TYPE_CLIENT_IP_ADDRESS, PERSISTENCE_TYPE_HTTP_COOKIE, PERSISTENCE_TYPE_TLS, PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS, PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER, PERSISTENCE_TYPE_APP_COOKIE, PERSISTENCE_TYPE_GSLB_SITE. Allowed in Basic(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Essentials(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PERSISTENCE_TYPE_CLIENT_IP_ADDRESS. |
ALBPersistenceProfileType | Required Default: "PERSISTENCE_TYPE_CLIENT_IP_ADDRESS" |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBApplicationPersistenceProfile | string | |
| server_hm_down_recovery | Server hm down recovery Specifies behavior when a persistent server has been marked down by a health monitor. Enum options - HM_DOWN_PICK_NEW_SERVER, HM_DOWN_ABORT_CONNECTION, HM_DOWN_CONTINUE_PERSISTENT_SERVER. Allowed in Basic(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Essentials(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HM_DOWN_PICK_NEW_SERVER. |
ALBPersistentServerHMDownRecovery | Default: "HM_DOWN_PICK_NEW_SERVER" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBApplicationPersistenceProfileApiResponse (schema)
ApplicationPersistenceProfileApiResponse
ApplicationPersistenceProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ApplicationPersistenceProfile Array of ApplicationPersistenceProfile |
array of ALBApplicationPersistenceProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBApplicationProfile (schema)
ApplicationProfile
Advanced load balancer ApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_config_cksum | Cloud config cksum Checksum of application profiles. Internally set by cloud connector. |
string | |
| created_by | Created by Name of the application profile creator. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_service_profile | Dns service profile Specifies various DNS service related controls for virtual service. |
ALBDnsServiceApplicationProfile | |
| dos_rl_profile | Dos rl profile Specifies various security related controls for virtual service. |
ALBDosRateLimitProfile | |
| http_profile | Http profile Specifies the HTTP application proxy profile parameters. |
ALBHTTPApplicationProfile | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| preserve_client_ip | Preserve client ip Specifies if client IP needs to be preserved for backend connection. Not compatible with Connection Multiplexing. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| preserve_client_port | Preserve client port Specifies if we need to preserve client port while preserving client IP for backend connections. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| preserve_dest_ip_port | Preserve dest ip port Specifies if destination IP and port needs to be preserved for backend connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBApplicationProfile | string | |
| sip_service_profile | Sip service profile Specifies various SIP service related controls for virtual service. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBSipServiceApplicationProfile | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_app_profile | Tcp app profile Specifies the TCP application proxy profile parameters. |
ALBTCPApplicationProfile | |
| type | Type Specifies which application layer proxy is enabled for the virtual service. Enum options - APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS, APPLICATION_PROFILE_TYPE_SSL, APPLICATION_PROFILE_TYPE_SIP. Allowed in Basic(Allowed values- APPLICATION_PROFILE_TYPE_L4,APPLICATION_PROFILE_TYPE_HTTP) edition, Essentials(Allowed values- APPLICATION_PROFILE_TYPE_L4) edition, Enterprise edition. |
ALBApplicationProfileType | Required |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBApplicationProfileApiResponse (schema)
ApplicationProfileApiResponse
ApplicationProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ApplicationProfile Array of ApplicationProfile |
array of ALBApplicationProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBApplicationProfileType (schema)
ApplicationProfileType type
Valid ENUM values for ALBApplicationProfileType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBApplicationProfileType | ApplicationProfileType type Valid ENUM values for ALBApplicationProfileType |
string | Enum: APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS, APPLICATION_PROFILE_TYPE_SSL, APPLICATION_PROFILE_TYPE_SIP |
ALBAttackMitigationAction (schema)
AttackMitigationAction
Advanced load balancer AttackMitigationAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| deny | Deny Deny the attack packets further processing and drop them. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBAttackType (schema)
AttackType type
Valid ENUM values for ALBAttackType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAttackType | AttackType type Valid ENUM values for ALBAttackType |
string | Enum: LAND, SMURF, ICMP_PING_FLOOD, UNKOWN_PROTOCOL, TEARDROP, IP_FRAG_OVERRUN, IP_FRAG_TOOSMALL, IP_FRAG_FULL, IP_FRAG_INCOMPLETE, PORT_SCAN, TCP_NON_SYN_FLOOD_OLD, SYN_FLOOD, BAD_RST_FLOOD, MALFORMED_FLOOD, FAKE_SESSION, ZERO_WINDOW_STRESS, SMALL_WINDOW_STRESS, DOS_HTTP_TIMEOUT, DOS_HTTP_ERROR, DOS_HTTP_ABORT, DOS_SSL_ERROR, DOS_APP_ERROR, DOS_REQ_IP_RL_DROP, DOS_REQ_URI_RL_DROP, DOS_REQ_URI_SCAN_BAD_RL_DROP, DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_URI_RL_DROP, DOS_CONN_IP_RL_DROP, DOS_SLOW_URL, TCP_NON_SYN_FLOOD, DOS_REQ_CIP_SCAN_BAD_RL_DROP, DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_RL_DROP_BAD, DOS_REQ_URI_RL_DROP_BAD, DOS_REQ_IP_URI_RL_DROP_BAD, POLICY_DROPS, DOS_CONN_RL_DROP, DOS_REQ_RL_DROP, DOS_REQ_HDR_RL_DROP, DOS_REQ_CUSTOM_RL_DROP, DNS_ATTACK_REFLECTION |
ALBAuthAttributeMatch (schema)
AuthAttributeMatch
Advanced load balancer AuthAttributeMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| attribute_name | Attribute name Attribute name whose values will be looked up in the access lists. |
string | Required |
| attribute_value_list | Attribute value list Attribute Values used to determine access when authentication applies. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBStringMatch | Required |
ALBAuthLdapSearchScope (schema)
AuthLdapSearchScope type
Valid ENUM values for ALBAuthLdapSearchScope
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthLdapSearchScope | AuthLdapSearchScope type Valid ENUM values for ALBAuthLdapSearchScope |
string | Enum: AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE |
ALBAuthLdapSecurityMode (schema)
AuthLdapSecurityMode type
Valid ENUM values for ALBAuthLdapSecurityMode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthLdapSecurityMode | AuthLdapSecurityMode type Valid ENUM values for ALBAuthLdapSecurityMode |
string | Enum: AUTH_LDAP_SECURE_NONE, AUTH_LDAP_SECURE_USE_LDAPS |
ALBAuthProfile (schema)
AuthProfile
Advanced load balancer AuthProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| http | Http HTTP user authentication params. |
ALBAuthProfileHTTPClientParams | |
| id | Unique identifier of this resource | string | Sortable |
| ldap | Ldap LDAP server and directory settings. |
ALBLdapAuthSettings | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBAuthProfile | string | |
| saml | Saml SAML settings. |
ALBSamlSettings | |
| tacacs_plus | Tacacs plus TACACS+ settings. |
ALBTacacsPlusAuthSettings | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type Type of the Auth Profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT. |
ALBAuthProfileType | Required |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBAuthProfileApiResponse (schema)
AuthProfileApiResponse
AuthProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of AuthProfile Array of AuthProfile |
array of ALBAuthProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBAuthProfileHTTPClientParams (schema)
AuthProfileHTTPClientParams
Advanced load balancer AuthProfileHTTPClientParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| cache_expiration_time | Cache expiration time The max allowed length of time a clients authentication is cached. Allowed values are 1-30. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5. |
integer | Minimum: 1 Maximum: 30 Default: "5" |
| request_header | Request header Insert an HTTP header. This field is used to define the header name. The value of the header is set to the client's HTTP Auth user ID. |
string | |
| require_user_groups | Require user groups A user should be a member of these groups. Each group is defined by the DN. For example, CN=testgroup,OU=groups,dc=example,dc=avinetworks,DC=com. |
array of string |
ALBAuthProfileType (schema)
AuthProfileType type
Valid ENUM values for ALBAuthProfileType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthProfileType | AuthProfileType type Valid ENUM values for ALBAuthProfileType |
string | Enum: AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT |
ALBAuthSamlEntityType (schema)
AuthSamlEntityType type
Valid ENUM values for ALBAuthSamlEntityType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthSamlEntityType | AuthSamlEntityType type Valid ENUM values for ALBAuthSamlEntityType |
string | Enum: AUTH_SAML_CLUSTER_VIP, AUTH_SAML_DNS_FQDN, AUTH_SAML_APP_VS |
ALBAuthTacacsPlusAttributeValuePair (schema)
AuthTacacsPlusAttributeValuePair
Advanced load balancer AuthTacacsPlusAttributeValuePair object
| Name | Description | Type | Notes |
|---|---|---|---|
| mandatory | Mandatory mandatory. |
boolean | |
| name | Name attribute name. |
string | |
| value | Value attribute value. |
string |
ALBAuthTacacsPlusService (schema)
AuthTacacsPlusService type
Valid ENUM values for ALBAuthTacacsPlusService
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthTacacsPlusService | AuthTacacsPlusService type Valid ENUM values for ALBAuthTacacsPlusService |
string | Enum: AUTH_TACACS_PLUS_SERVICE_NONE, AUTH_TACACS_PLUS_SERVICE_LOGIN, AUTH_TACACS_PLUS_SERVICE_ENABLE, AUTH_TACACS_PLUS_SERVICE_PPP, AUTH_TACACS_PLUS_SERVICE_ARAP, AUTH_TACACS_PLUS_SERVICE_PT, AUTH_TACACS_PLUS_SERVICE_RCMD, AUTH_TACACS_PLUS_SERVICE_X25, AUTH_TACACS_PLUS_SERVICE_NASI, AUTH_TACACS_PLUS_SERVICE_FWPROXY |
ALBAuthToken (schema)
Auth Token
ALB Auth Token
| Name | Description | Type | Notes |
|---|---|---|---|
| expires_at | Expiry time of the token Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. |
string | |
| hours | hours Hours to validate the token |
string | Required |
| token | Token for Avi Controller Token for Avi Controller. |
string | |
| username | username controller username. |
string | Required |
ALBAuthenticationAction (schema)
AuthenticationAction
Advanced load balancer AuthenticationAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type Authentication Action to be taken for a matched Rule. Enum options - SKIP_AUTHENTICATION, USE_DEFAULT_AUTHENTICATION. Default value when not specified in API or module is interpreted by ALB Controller as USE_DEFAULT_AUTHENTICATION. |
ALBAuthenticationActionEnum | Default: "USE_DEFAULT_AUTHENTICATION" |
ALBAuthenticationActionEnum (schema)
AuthenticationActionEnum type
Valid ENUM values for ALBAuthenticationActionEnum
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthenticationActionEnum | AuthenticationActionEnum type Valid ENUM values for ALBAuthenticationActionEnum |
string | Enum: SKIP_AUTHENTICATION, USE_DEFAULT_AUTHENTICATION |
ALBAuthenticationMatch (schema)
AuthenticationMatch
Advanced load balancer AuthenticationMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip Configure client ip addresses. |
ALBIpAddrMatch | |
| host_hdr | Host hdr Configure the host header. |
ALBHostHdrMatch | |
| path | Path Configure request paths. |
ALBPathMatch |
ALBAuthenticationPolicy (schema)
AuthenticationPolicy
Advanced load balancer AuthenticationPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| authn_rules | Authn rules Add rules to apply auth profile to specific targets. |
array of ALBAuthenticationRule | |
| default_auth_profile_path | Default auth profile path Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. |
string | Required |
ALBAuthenticationRule (schema)
AuthenticationRule
Advanced load balancer AuthenticationRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Enable or disable authentication for matched targets. |
ALBAuthenticationAction | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| index | Index Index of the rule. |
integer | Required |
| match | Match Add match criteria to the rule. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBAuthenticationMatch | |
| name | Name Name of the rule. |
string | Required |
ALBAuthorizationAction (schema)
AuthorizationAction
Advanced load balancer AuthorizationAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| status_code | Status code HTTP status code to use for local response when an policy rule is matched. Enum options - HTTP_RESPONSE_STATUS_CODE_401, HTTP_RESPONSE_STATUS_CODE_403. |
ALBAuthorizationActionHttpStatusCode | |
| type | Type Defines the action taken when an authorization policy rule is matched. By default, access is allowed to the requested resource. Enum options - ALLOW_ACCESS, CLOSE_CONNECTION, HTTP_LOCAL_RESPONSE. Default value when not specified in API or module is interpreted by ALB Controller as ALLOW_ACCESS. |
ALBAuthorizationActionEnum | Default: "ALLOW_ACCESS" |
ALBAuthorizationActionEnum (schema)
AuthorizationActionEnum type
Valid ENUM values for ALBAuthorizationActionEnum
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthorizationActionEnum | AuthorizationActionEnum type Valid ENUM values for ALBAuthorizationActionEnum |
string | Enum: ALLOW_ACCESS, CLOSE_CONNECTION, HTTP_LOCAL_RESPONSE |
ALBAuthorizationActionHttpStatusCode (schema)
AuthorizationActionHttpStatusCode type
Valid ENUM values for ALBAuthorizationActionHttpStatusCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthorizationActionHttpStatusCode | AuthorizationActionHttpStatusCode type Valid ENUM values for ALBAuthorizationActionHttpStatusCode |
string | Enum: HTTP_RESPONSE_STATUS_CODE_401, HTTP_RESPONSE_STATUS_CODE_403 |
ALBAuthorizationMatch (schema)
AuthorizationMatch
Advanced load balancer AuthorizationMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| attr_matches | Attr matches Attributes whose values need to be matched. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBAuthAttributeMatch | |
| host_hdr | Host hdr Host header value to be matched. |
ALBHostHdrMatch | |
| method | Method HTTP methods to be matched. |
ALBMethodMatch | |
| path | Path Paths/URLs to be matched. |
ALBPathMatch |
ALBAuthorizationPolicy (schema)
AuthorizationPolicy
Advanced load balancer AuthorizationPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| authz_rules | Authz rules Authorization Policy Rules. |
array of ALBAuthorizationRule |
ALBAuthorizationRule (schema)
AuthorizationRule
Advanced load balancer AuthorizationRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Authorization action when rule is matched. |
ALBAuthorizationAction | Required |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| index | Index Index of the Authorization Policy rule. |
integer | Required |
| match | Match Authorization match criteria for the rule. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBAuthorizationMatch | Required |
| name | Name Name of the rule. |
string | Required |
ALBAutoScaleLaunchConfig (schema)
AutoScaleLaunchConfig
Advanced load balancer AutoScaleLaunchConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| image_id | Image id Unique ID of the Amazon Machine Image (AMI) or OpenStack VM ID. |
string | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| mesos | Mesos Placeholder for description of property mesos of obj type AutoScaleLaunchConfig field type str type ref. |
ALBAutoScaleMesosSettings | |
| openstack | Openstack Placeholder for description of property openstack of obj type AutoScaleLaunchConfig field type str type ref. |
ALBAutoScaleOpenStackSettings | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBAutoScaleLaunchConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| use_external_asg | Use external asg If set to True, ServerAutoscalePolicy will use the autoscaling group (external_autoscaling_groups) from Pool to perform scale up and scale down. Pool should have single autoscaling group configured. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBAutoScaleLaunchConfigApiResponse (schema)
AutoScaleLaunchConfigApiResponse
AutoScaleLaunchConfigApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of AutoScaleLaunchConfig Array of AutoScaleLaunchConfig |
array of ALBAutoScaleLaunchConfig | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBAutoScaleMesosSettings (schema)
AutoScaleMesosSettings
Advanced load balancer AutoScaleMesosSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| force | Force Apply scaleout even when there are deployments inprogress. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBAutoScaleOpenStackSettings (schema)
AutoScaleOpenStackSettings
Advanced load balancer AutoScaleOpenStackSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| heat_scale_down_url | Heat scale down url Avi Controller will use this URL to scale downthe pool. Cloud connector will automatically update the membership. This is an alpha feature. |
string | |
| heat_scale_up_url | Heat scale up url Avi Controller will use this URL to scale upthe pool. Cloud connector will automatically update the membership. This is an alpha feature. |
string |
ALBCRL (schema)
CRL
Advanced load balancer CRL object
| Name | Description | Type | Notes |
|---|---|---|---|
| body | Body Certificate Revocation list from a given issuer in PEM format. This can either be configured directly or via the server_url. |
string | |
| common_name | Common name Common name of the issuer in the Certificate Revocation list. |
string | |
| distinguished_name | Distinguished name Distinguished name of the issuer in the Certificate Revocation list. |
string | |
| etag | Etag Cached etag to optimize the download of the CRL. |
string | |
| fingerprint | Fingerprint Fingerprint of the CRL. Used to avoid configuring duplicates. |
string | |
| last_refreshed | Last refreshed Last time CRL was refreshed by the system. This is an internal field used by the system. |
string | |
| last_update | Last update The date when this CRL was last issued. |
string | |
| next_update | Next update The date when a newer CRL will be available. Also conveys the date after which the CRL should be considered obsolete. |
string | |
| server_url | Server url URL of a server that issues the Certificate Revocation list. If this is configured, CRL will be periodically downloaded either based on the configured update interval or the next update interval in the CRL. CRL itself is stored in the body. |
string | |
| text | Text Certificate Revocation list in plain text for readability. |
string | |
| update_interval | Update interval Interval in minutes to check for CRL update. If not specified, interval will be 1 day. Allowed values are 30-525600. Unit is MIN. |
integer | Minimum: 30 Maximum: 525600 |
ALBCertificateAuthority (schema)
CertificateAuthority
Advanced load balancer CertificateAuthority object
| Name | Description | Type | Notes |
|---|---|---|---|
| ca_path | Ca path It is a reference to an object of type SSLKeyAndCertificate. |
string | |
| name | Name Name of the object. |
string |
ALBCertificateManagementProfile (schema)
CertificateManagementProfile
Advanced load balancer CertificateManagementProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBCertificateManagementProfile | string | |
| script_params | Script params Placeholder for description of property script_params of obj type CertificateManagementProfile field type str type array. |
array of ALBCustomParams | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBClientInsights (schema)
ClientInsights type
Valid ENUM values for ALBClientInsights
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBClientInsights | ClientInsights type Valid ENUM values for ALBClientInsights |
string | Enum: NO_INSIGHTS, PASSIVE, ACTIVE |
ALBClientInsightsSampling (schema)
ClientInsightsSampling
Advanced load balancer ClientInsightsSampling object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip Client IP addresses to check when inserting RUM script. |
ALBIpAddrMatch | |
| sample_uris | Sample uris URL patterns to check when inserting RUM script. |
ALBStringMatch | |
| skip_uris | Skip uris URL patterns to avoid when inserting RUM script. |
ALBStringMatch |
ALBClientLogConfiguration (schema)
ClientLogConfiguration
Advanced load balancer ClientLogConfiguration object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable_significant_log_collection | Enable significant log collection Enable significant log collection. By default, this flag is enabled, which means that Avi SEs collect significant logs and forward them to Controller for further processing. For example, these logs correspond to error conditions such as when the response code for a request is 500. Users can deactivate this flag to turn off default significant log collection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| filtered_log_processing | Filtered log processing Filtered logs are logs that match any client log filters or rules with logging enabled. Such logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. |
ALBLogsProcessingType | Default: "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND" |
| non_significant_log_processing | Non significant log processing Logs that are neither significant nor filtered, are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. |
ALBLogsProcessingType | Default: "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND" |
| significant_log_processing | Significant log processing Significant logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. |
ALBLogsProcessingType | Default: "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND" |
ALBClientLogFilter (schema)
ClientLogFilter
Advanced load balancer ClientLogFilter object
| Name | Description | Type | Notes |
|---|---|---|---|
| all_headers | All headers Placeholder for description of property all_headers of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| client_ip | Client ip Placeholder for description of property client_ip of obj type ClientLogFilter field type str type ref. |
ALBIpAddrMatch | |
| duration | Duration Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Default: "30" |
| enabled | Enabled Placeholder for description of property enabled of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
| index | Index Number of index. |
integer | Required |
| name | Name Name of the object. |
string | Required |
| uri | Uri Placeholder for description of property uri of obj type ClientLogFilter field type str type ref. |
ALBStringMatch |
ALBClientLogStreamingConfig (schema)
ClientLogStreamingConfig
Advanced load balancer ClientLogStreamingConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| external_server | External server IP address or hostnames (FQDNs) of destination servers. If an FQDN is provided, this should be resolvable on Avi Service Engines. Multiple servers are supported by furnishing a comma-separated list of IP addresses or host names, for example, 11.11.11.11,23.12.12.4. Optionally, a separate port can be specified for each external server in the list, for example, 11.11.11.11 234,12.12.12.12 343. |
string | Required |
| external_server_port | External server port The service port to use for the external servers. If multiple external servers have been specified, the single port number specified here will apply to all those servers for which an explicit port number has not been specified in the external server list. Default value when not specified in API or module is interpreted by ALB Controller as 514. |
integer | Default: "514" |
| format_config | Format config Configuration to specify the format of streamed logs. By default, each log is encoded in JSON format. |
ALBClientLogStreamingFormat | |
| log_types_to_send | Log types to send Type of logs to stream to the external server. Default is LOGS_ALL, i.e., send all logs. Enum options - LOGS_SIGNIFICANT_ONLY, LOGS_UDF_ONLY, LOGS_UDF_SIGNIFICANT, LOGS_ALL. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_ALL. |
ALBLogsType | Default: "LOGS_ALL" |
| max_logs_per_second | Max logs per second Maximum number of logs per second streamed to the remote server. By default, 100 logs per second are streamed. Set this to zero(0) to not enforce any limit. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Default: "100" |
| protocol | Protocol Protocol to use for streaming logs. Enum options - LOG_STREAMING_PROTOCOL_UDP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP, LOG_STREAMING_PROTOCOL_TCP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP, LOG_STREAMING_PROTOCOL_RAW_OVER_UDP, LOG_STREAMING_PROTOCOL_TLS, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS. Default value when not specified in API or module is interpreted by ALB Controller as LOG_STREAMING_PROTOCOL_UDP. |
ALBClientLogStreamingProtocol | Default: "LOG_STREAMING_PROTOCOL_UDP" |
| syslog_config | Syslog config Syslog configuration if a Syslog-based protocol is specified for streaming. |
ALBStreamingSyslogConfig |
ALBClientLogStreamingFormat (schema)
ClientLogStreamingFormat
Advanced load balancer ClientLogStreamingFormat object
| Name | Description | Type | Notes |
|---|---|---|---|
| format | Format Format for the streamed logs. Enum options - LOG_STREAMING_FORMAT_JSON_FULL, LOG_STREAMING_FORMAT_JSON_SELECTED. |
ALBLogStreamingFormatType | Required |
| included_fields | Included fields List of log fields to be streamed, when selective fields (LOG_STREAMING_FORMAT_JSON_SELECTED) option is chosen. Only top-level fields in application or connection logs are supported. |
array of string |
ALBClientLogStreamingProtocol (schema)
ClientLogStreamingProtocol type
Valid ENUM values for ALBClientLogStreamingProtocol
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBClientLogStreamingProtocol | ClientLogStreamingProtocol type Valid ENUM values for ALBClientLogStreamingProtocol |
string | Enum: LOG_STREAMING_PROTOCOL_UDP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP, LOG_STREAMING_PROTOCOL_TCP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP, LOG_STREAMING_PROTOCOL_RAW_OVER_UDP, LOG_STREAMING_PROTOCOL_TLS, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS |
ALBCloneServer (schema)
CloneServer
Advanced load balancer CloneServer object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address | Ip address IP Address of the Clone Server. |
ALBIpAddr | |
| mac | Mac MAC Address of the Clone Server. |
string | |
| network_name | Network name Network to clone the traffic to. It is a reference to an object of type Network. |
string | |
| subnet | Subnet Subnet of the network to clone the traffic to. |
ALBIpAddrPrefix |
ALBCloudType (schema)
CloudType type
Valid ENUM values for ALBCloudType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBCloudType | CloudType type Valid ENUM values for ALBCloudType |
string | Enum: CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT |
ALBComparisonOperator (schema)
ComparisonOperator type
Valid ENUM values for ALBComparisonOperator
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBComparisonOperator | ComparisonOperator type Valid ENUM values for ALBComparisonOperator |
string | Enum: CO_EQ, CO_GT, CO_GE, CO_LT, CO_LE, CO_NE |
ALBCompressionFilter (schema)
CompressionFilter
Advanced load balancer CompressionFilter object
| Name | Description | Type | Notes |
|---|---|---|---|
| devices_path | Devices path It is a reference to an object of type StringGroup. |
string | |
| index | Index Number of index. |
integer | Required |
| ip_addr_prefixes | Ip addr prefixes Placeholder for description of property ip_addr_prefixes of obj type CompressionFilter field type str type array. |
array of ALBIpAddrPrefix | |
| ip_addr_ranges | Ip addr ranges Placeholder for description of property ip_addr_ranges of obj type CompressionFilter field type str type array. |
array of ALBIpAddrRange | |
| ip_addrs | Ip addrs Placeholder for description of property ip_addrs of obj type CompressionFilter field type str type array. |
array of ALBIpAddr | |
| ip_addrs_path | Ip addrs path It is a reference to an object of type IpAddrGroup. |
string | |
| level | Level Enum options - AGGRESSIVE_COMPRESSION, NORMAL_COMPRESSION, NO_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as NORMAL_COMPRESSION. |
ALBCompressionFilterLevel | Required Default: "NORMAL_COMPRESSION" |
| match | Match Whether to apply Filter when group criteria is matched or not. Enum options - IS_IN, IS_NOT_IN. Default value when not specified in API or module is interpreted by ALB Controller as IS_IN. |
ALBMatchOperation | Default: "IS_IN" |
| name | Name Name of the object. |
string | Required |
| user_agent | User agent Placeholder for description of property user_agent of obj type CompressionFilter field type str type array. |
array of string |
ALBCompressionFilterLevel (schema)
CompressionFilterLevel type
Valid ENUM values for ALBCompressionFilterLevel
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBCompressionFilterLevel | CompressionFilterLevel type Valid ENUM values for ALBCompressionFilterLevel |
string | Enum: AGGRESSIVE_COMPRESSION, NORMAL_COMPRESSION, NO_COMPRESSION |
ALBCompressionProfile (schema)
CompressionProfile
Advanced load balancer CompressionProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| compressible_content_path | Compressible content path Compress only content types listed in this string group. Content types not present in this list are not compressed. It is a reference to an object of type StringGroup. |
string | |
| compression | Compression Compress HTTP response content if it wasn't already compressed. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
| filter | Filter Custom filters used when auto compression is not selected. |
array of ALBCompressionFilter | |
| remove_accept_encoding_header | Remove accept encoding header Offload compression from the servers to AVI. Saves compute cycles on the servers. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Required Default: "True" |
| type | Type Compress content automatically or add custom filters to define compressible content and compression levels. Enum options - AUTO_COMPRESSION, CUSTOM_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as AUTO_COMPRESSION. |
ALBCompressionType | Required Default: "AUTO_COMPRESSION" |
ALBCompressionType (schema)
CompressionType type
Valid ENUM values for ALBCompressionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBCompressionType | CompressionType type Valid ENUM values for ALBCompressionType |
string | Enum: AUTO_COMPRESSION, CUSTOM_COMPRESSION |
ALBCongestionAlgo (schema)
CongestionAlgo type
Valid ENUM values for ALBCongestionAlgo
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBCongestionAlgo | CongestionAlgo type Valid ENUM values for ALBCongestionAlgo |
string | Enum: CC_ALGO_NEW_RENO, CC_ALGO_CUBIC, CC_ALGO_HTCP |
ALBConnPoolProperties (schema)
ConnPoolProperties
Advanced load balancer ConnPoolProperties object
| Name | Description | Type | Notes |
|---|---|---|---|
| upstream_connpool_conn_idle_tmo | Upstream connpool conn idle tmo Connection idle timeout. Allowed in Basic(Allowed values- 60000) edition, Essentials(Allowed values- 60000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 60000. |
integer | Default: "60000" |
| upstream_connpool_conn_life_tmo | Upstream connpool conn life tmo Connection life timeout. Allowed in Basic(Allowed values- 600000) edition, Essentials(Allowed values- 600000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 600000. |
integer | Default: "600000" |
| upstream_connpool_conn_max_reuse | Upstream connpool conn max reuse Maximum number of times a connection can be reused. Special values are 0- 'unlimited'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| upstream_connpool_server_max_cache | Upstream connpool server max cache Maximum number of connections a server can cache. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
ALBContentRewriteProfile (schema)
ContentRewriteProfile
Advanced load balancer ContentRewriteProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| response_rewrite_enabled | Response rewrite enabled Enable rewrite on response body. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| rewritable_content_path | Rewritable content path Rewrite only content types listed in this string group. Content types not present in this list are not rewritten. It is a reference to an object of type StringGroup. |
string | |
| rsp_match_replace_pair | Rsp match replace pair Strings to be matched and replaced with on the response body. This should be configured when response_rewrite_enabled is set to true. |
array of ALBMatchReplacePair |
ALBControllerClusterInfo (schema)
Advanced Load Balancer controller cluster info
Advanced Load Balancer controller cluster information about nodes in the cluster and cluster information.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_name | Advanced Load Balancer controller cluster name Advanced Load Balancer controller cluster name. |
string | Readonly |
| cluster_state | Advanced Load Balancer controller cluster state Advanced Load Balancer controller cluster state. |
string | Readonly |
| cluster_uuid | ID of the cluster used to recognize it ID of the Cluster maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
| error | Advanced Load Balancer controller cluster error Advanced Load Balancer controller cluster error information, if any. |
AlbControllerClusterRuntimeError | Readonly |
| nodes | Advanced Load Balancer controller node information | array of ALBControllerNodeInfo | |
| reason | Advanced Load Balancer cluster state not STABLE reason. Advanced Load Balancer cluster state not STABLE reason. |
string | Readonly |
| version | Advanced Load Balancer controller cluster version Advanced Load Balancer controller cluster version. |
string | Readonly |
| virtual_ip | Advanced Load Balancer controller cluster VIP Advanced Load Balancer controller cluster virtual_ip. |
IPAddress | Readonly |
ALBControllerClusterNodeVMFormFactor (schema)
Supported VM form factor for Advanced Load Balancer controller
Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBControllerClusterNodeVMFormFactor | Supported VM form factor for Advanced Load Balancer controller Specifies the desired "size" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. |
string | Enum: SMALL, MEDIUM, LARGE |
ALBControllerClusterTrigger (schema)
Advanced Load Balancer controller node clustering trigger response
Advanced Load Balancer controller node clustering trigger response.
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Advanced Load Balancer controller node clustering trigger status Advanced Load Balancer controller node clustering trigger status. |
string | Readonly |
ALBControllerConfiguration (schema)
ALBControllerConfiguration
Alb Controller config details
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_ip | Cluster IP of Advanced Load Balancer controller cluster The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. |
IPAddress | Required |
| dns_servers | DNS servers. List of DNS servers. |
array of IPv4Address | |
| infra_admin_password | Advanced Load Balancer controller admin password Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. |
string | Required |
| infra_admin_username | Username Username for server authentication. |
string | Required |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPv4Address | |
| owned_by | owned_by The policy initiates workflow by LCM/VCF |
string | Required Enum: LCM, VCF |
ALBControllerNodeFormFactor (schema)
Advanced Load Balancer controller node form factor
Advanced Load Balancer node form factor.
| Name | Description | Type | Notes |
|---|---|---|---|
| disk | Disk size of the Advanced Load Balancer controller node in Bytes Disk size of the Advanced Load Balancer controller node in Bytes. |
integer | Readonly |
| memory | Memory size of the Advanced Load Balancer controller node in Bytes Memory size of the Advanced Load Balancer controller node in Bytes. |
integer | Readonly |
| type | Advanced Load Balancer controller node form factor type Advanced Load Balancer controller node form factor type. |
ALBControllerClusterNodeVMFormFactor | Readonly |
| vcpu | Number of virtual cpus on the Advanced Load Balancer controller node Number of virtual cpus on the Advanced Load Balancer controller node. |
integer | Readonly |
ALBControllerNodeFormFactors (schema)
Advanced Load Balancer controller form factors list result
| Name | Description | Type | Notes |
|---|---|---|---|
| form_factors | Advanced Load Balancer controller form factor list | array of ALBControllerNodeFormFactor |
ALBControllerNodeInfo (schema)
Information for Advanced Load Balancer controller nodes
Advanced Load Balancer controller node information like node IP and node name.
| Name | Description | Type | Notes |
|---|---|---|---|
| is_dhcp | Is DHCP based IP assignment Advanced Load Balancer controller node IP configuration is static or DHCP. |
boolean | Readonly |
| node_ip | Advanced Load Balancer controller node IP Advanced Load Balancer controller node IP. |
IPAddress | Readonly |
| node_name | Advanced Load Balancer controller node name Advanced Load Balancer controller node name. |
string | Readonly |
| node_role | Advanced Load Balancer controller node role Advanced Load Balancer controller node role in cluster. |
string | Readonly |
| node_start_time | Advanced Load Balancer controller node start time Advanced Load Balancer controller node start time in its local timezone. |
EpochMsTimestamp | Readonly |
| node_state | Advanced Load Balancer controller node state Advanced Load Balancer controller node current state in the cluster. |
string | Readonly |
| vm_id | ID of VM used to recognize it ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ALBControllerNodeParameters (schema)
List parameters for Advanced Load Balancer controller nodes
Parameters for listing the Advanced Load Balancer controller nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| state | the current state of the Advanced Load Balancer controller VM If state is pending then pending requests for Advanced Load Balancer controller VMs are shown. If state is deployed then deployed requests for Advanced Load Balancer controller VMs are shown. else show all the Advanced Load Balancer controller deployment requests. |
string | Enum: DEPLOYED, PENDING |
ALBControllerNodeUserSettings (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| admin_password | Advanced Load Balancer controller admin password Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. |
string | Required |
| admin_ssh_key | Admin User SSH key To configure ssh into the Advanced Load Balancer controller, this property is required. |
string |
ALBControllerNodeVMClusterConfig (schema)
Info for Advanced Load Balancer controller node cluster configuration
Contains the cluster configuration for a Advanced Load Balancer controller node VM cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cluster_ip | Cluster IP of Advanced Load Balancer controller cluster The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. |
IPAddress | Required |
| cluster_name | Cluster name of Advanced Load Balancer controller cluster The cluster name of the Advanced Load Balancer controller node cluster. |
string | |
| cluster_uuid | ID of the Advanced Load Balancer controller cluster used to recognize it ID of the Cluster maintained internally. This is different from cluster_uuid internal to Advanced Load Balancer controller. Note: This is automatically generated and cannot be modified. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ALBControllerNodeVMClusterConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ALBControllerNodeVMDeletionParameters (schema)
Parameters for deleting a deployed Advanced Load Balancer Controller
Parameters for deletion of a Advanced Load Balancer controller node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| force_delete | Delete by force If true, the VM will be undeployed even if it cannot be removed from its cluster. |
boolean | |
| inaccessible | Delete when controller is inaccessible If inaccessible is provided along with force_delete and if this is the last node then deployment request will be deleted from NSX even if Policy objects are present. |
string |
ALBControllerNodeVMDeploymentConfig (schema)
Configuration for deploying Advanced Load Balancer controller node VM
Contains info used to configure the VM on deployment.
This is an abstract type. Concrete child types:
AlbControllerVsphereClusterNodeVmDeploymentConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| placement_type | Type of deployment Specifies the config for the platform through which to deploy the VM. |
string | Required Enum: AlbControllerVsphereClusterNodeVmDeploymentConfig |
ALBControllerNodeVMDeploymentProgressState (schema)
Deployment progress of Advanced Load Balancer controller VM
Deployment progress state of Advanced Load Balancer controller VM. This Object contains name of current deployment step and overall progress percentage.
| Name | Description | Type | Notes |
|---|---|---|---|
| current_step_title | Name of the current step Name of the current running step of deployment |
string | Readonly |
| progress | Progress percentage Overall progress percentage of deployment completed |
integer | Readonly |
ALBControllerNodeVMDeploymentRequest (schema)
Info for Advanced Load Balancer controller node deployment request
Contains the deployment information for a Advanced Load Balancer controller node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| deployment_config | Deployment config for Advanced Load Balancer controller node VM Deployment information and basic configuration for the Advanced Load Balancer controller. |
ALBControllerNodeVMDeploymentConfig (Abstract type: pass one of the following concrete types) AlbControllerVsphereClusterNodeVmDeploymentConfig |
Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| form_factor | Form factor for Advanced Load Balancer controller VMs. Specifies the desired "size" of the VM |
ALBControllerClusterNodeVMFormFactor | Default: "MEDIUM" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ALBControllerNodeVMDeploymentRequest | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| user_settings | User settings for the VM SSH key and password for the Advanced Load Balancer controller node VM. Note: SSH key settings will be honored only during VM deployment. |
ALBControllerNodeUserSettings | Required |
| vm_id | ID of Advanced Load Balancer controller VM used to recognize it ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ALBControllerNodeVMDeploymentRequestList (schema)
ALBControllerNodeVMDeploymentRequest list
List of Advanced Load Balancer Controller Deployment Requests.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of existing Advanced Load Balancer Controller Deployment Requests. |
array of ALBControllerNodeVMDeploymentRequest | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBControllerNodeVMDeploymentStatusReport (schema)
Report of a VM's deployment status
Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_progress_state | Deployment progress state of node VM Detailed progress state of node VM deployment realization. |
ALBControllerNodeVMDeploymentProgressState | Readonly |
| failure_code | Error code for failure In case of auto-deployment-related failure, the code for the error will be stored here. |
integer | |
| failure_message | Error message for failure In case of auto-deployment-related failure, an error message will be stored here. |
string | |
| status | Auto-deployed VM's deployment status Status of the addition or deletion of an auto-deployed Advanced Load Balancer controller node VM. |
string | Required Enum: NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, VM_POWER_ON_SUCCESSFUL, VM_REGISTRATION_IN_PROGRESS, VM_REGISTRATION_SUCCESSFUL, VM_REGISTRATION_FAILED, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_CONFIGURATION_IN_PROGRESS, VM_CONFIGURATION_SUCCESSFUL, VM_CONFIGURATION_FAILED, VM_CLUSTERING_QUEUED, VM_CLUSTERING_IN_PROGRESS, VM_CLUSTERING_SUCCESSFUL, VM_CLUSTERING_FAILED, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, WAITING_TO_UNDEPLOY_VM, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, UNKNOWN_STATE |
ALBControllerNodeVMUpdateParameters (schema)
Parameters for updating Advanced Load Balancer Controller request
Parameters for updating Advanced Load Balancer Controller node VM password,
DNS and NTP related configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| running_config | Update Advanced Load Balancer Controller runtime config as well If true, then the configuration will be updated in the running Advanced Load Balancer Controllers as well. |
boolean |
ALBControllerVersion (schema)
ALBControllerVersion
ALB Controller Version
| Name | Description | Type | Notes |
|---|---|---|---|
| alb_api_version | Alb API Version It is ALB API version supported by NSX-ALB. |
string | |
| alb_controller_version | Alb Controller Version It is ALB Controller version deployed by NSX-ALB. |
string |
ALBCookieMatch (schema)
CookieMatch
Advanced load balancer CookieMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for matching the cookie in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. |
ALBHdrMatchOperation | Required |
| name | Name Name of the cookie. |
string | Required |
| value | Value String value in the cookie. |
string |
ALBCustomParams (schema)
CustomParams
Advanced load balancer CustomParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| is_dynamic | Is dynamic Placeholder for description of property is_dynamic of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| is_sensitive | Is sensitive Placeholder for description of property is_sensitive of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| name | Name Name of the object. |
string | Required |
| value | Value value of CustomParams. |
string |
ALBDiscoveredNetwork (schema)
DiscoveredNetwork
Advanced load balancer DiscoveredNetwork object
| Name | Description | Type | Notes |
|---|---|---|---|
| network_name | Network name Discovered network for this IP. It is a reference to an object of type Network. |
string | Required |
| subnet | Subnet Discovered subnet for this IP. |
array of ALBIpAddrPrefix | |
| subnet6 | Subnet6 Discovered IPv6 subnet for this IP. |
array of ALBIpAddrPrefix |
ALBDnsAAAARdata (schema)
DnsAAAARdata
Advanced load balancer DnsAAAARdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip6_address | Ip6 address IPv6 address for FQDN. |
ALBIpAddr | Required |
ALBDnsARdata (schema)
DnsARdata
Advanced load balancer DnsARdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address | Ip address IP address for FQDN. |
ALBIpAddr | Required |
ALBDnsAttack (schema)
DnsAttack
Advanced load balancer DnsAttack object
| Name | Description | Type | Notes |
|---|---|---|---|
| attack_vector | Attack vector The DNS attack vector. Enum options - DNS_REFLECTION, DNS_NXDOMAIN, DNS_AMPLIFICATION_EGRESS. |
ALBDnsAttackVector | Required |
| enabled | Enabled Enable or disable the mitigation of the attack vector. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| max_mitigation_age | Max mitigation age Time in minutes after which mitigation will be deactivated. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60. |
integer | Minimum: 0 Maximum: 4294967295 Default: "60" |
| mitigation_action | Mitigation action Mitigation action to perform for this DNS attack vector. |
ALBAttackMitigationAction | |
| threshold | Threshold Threshold, in terms of DNS packet per second, for the DNS attack vector. |
integer |
ALBDnsAttackVector (schema)
DnsAttackVector type
Valid ENUM values for ALBDnsAttackVector
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsAttackVector | DnsAttackVector type Valid ENUM values for ALBDnsAttackVector |
string | Enum: DNS_REFLECTION, DNS_NXDOMAIN, DNS_AMPLIFICATION_EGRESS |
ALBDnsAttacks (schema)
DnsAttacks
Advanced load balancer DnsAttacks object
| Name | Description | Type | Notes |
|---|---|---|---|
| attacks | Attacks Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. |
array of ALBDnsAttack | |
| oper_mode | Oper mode Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. |
ALBOperationMode |
ALBDnsClientIpMatch (schema)
DnsClientIpMatch
Advanced load balancer DnsClientIpMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip IP addresses to match against client IP. |
ALBIpAddrMatch | Required |
| use_edns_client_subnet_ip | Use edns client subnet ip Use the IP address from the EDNS client subnet option, if available, as the source IP address of the client. It should be noted that the edns subnet IP may not be a /32 IP address. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBDnsCnameRdata (schema)
DnsCnameRdata
Advanced load balancer DnsCnameRdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| cname | Cname Canonical name. |
string | Required |
ALBDnsErrorResponseType (schema)
DnsErrorResponseType type
Valid ENUM values for ALBDnsErrorResponseType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsErrorResponseType | DnsErrorResponseType type Valid ENUM values for ALBDnsErrorResponseType |
string | Enum: DNS_ERROR_RESPONSE_ERROR, DNS_ERROR_RESPONSE_NONE |
ALBDnsGeoLocationMatch (schema)
DnsGeoLocationMatch
Advanced load balancer DnsGeoLocationMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| geolocation_name | Geolocation name Geographical location of the client IP to be used in the match. This location is of the format Country/State/City e.g. US/CA/Santa Clara. |
string | |
| geolocation_tag | Geolocation tag Geolocation tag for the client IP. This could be any string value for the client IP, e.g. client IPs from US East Coast geolocation would be tagged as 'East Coast'. |
string | |
| match_criteria | Match criteria Criterion to use for matching the client IP's geographical location. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| use_edns_client_subnet_ip | Use edns client subnet ip Use the IP address from the EDNS client subnet option, if available, to derive geo location of the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBDnsInfo (schema)
DnsInfo
Advanced load balancer DnsInfo object
| Name | Description | Type | Notes |
|---|---|---|---|
| algorithm | Algorithm Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is consistent hash. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_CONSISTENT_HASH. |
ALBDnsRecordResponseAlgorithm | Default: "DNS_RECORD_RESPONSE_CONSISTENT_HASH" |
| cname | Cname Canonical name in CNAME record. |
ALBDnsCnameRdata | |
| fqdn | Fqdn Fully qualified domain name. |
string | |
| metadata | Metadata Any metadata associated with this record. |
string | |
| num_records_in_response | Num records in response Specifies the number of records returned for this FQDN. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'. |
integer | Minimum: 0 Maximum: 20 |
| ttl | Ttl Time to live for fqdn record. Default value is chosen from DNS profile for this cloud if no value provided. |
integer | |
| type | Type DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A. |
ALBDnsRecordType | Default: "DNS_RECORD_A" |
ALBDnsMessageSection (schema)
DnsMessageSection type
Valid ENUM values for ALBDnsMessageSection
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsMessageSection | DnsMessageSection type Valid ENUM values for ALBDnsMessageSection |
string | Enum: DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL |
ALBDnsMxRdata (schema)
DnsMxRdata
Advanced load balancer DnsMxRdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| host | Host Fully qualified domain name of a mailserver. The host name maps directly to one or more address records in the DNS table, and must not point to any CNAME records (RFC 2181). |
string | Required |
| priority | Priority The priority field identifies which mail server should be preferred. Allowed values are 0-65535. |
integer | Required Minimum: 0 Maximum: 65535 |
ALBDnsNsRdata (schema)
DnsNsRdata
Advanced load balancer DnsNsRdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip6_address | Ip6 address IPv6 address for Name Server. |
ALBIpAddr | |
| ip_address | Ip address IP address for Name Server. |
ALBIpAddr | |
| nsname | Nsname Name Server name. |
string | Required |
ALBDnsPolicies (schema)
DnsPolicies
Advanced load balancer DnsPolicies object
| Name | Description | Type | Notes |
|---|---|---|---|
| dns_policy_path | Dns policy path path of the dns policy. It is a reference to an object of type DnsPolicy. |
string | Required |
| index | Index Index of the dns policy. |
integer | Required |
ALBDnsPolicy (schema)
DnsPolicy
Advanced load balancer DnsPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| created_by | Created by Creator name. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBDnsPolicy | string | |
| rule | Rule DNS rules. |
array of ALBDnsRule | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBDnsPolicyApiResponse (schema)
DnsPolicyApiResponse
DnsPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of DnsPolicy Array of DnsPolicy |
array of ALBDnsPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBDnsQueryNameMatch (schema)
DnsQueryNameMatch
Advanced load balancer DnsQueryNameMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for string matching the DNS query domain name in the question section. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. |
ALBStringOperation | Required |
| query_domain_names | Query domain names Domain name to match against that specified in the question section of the DNS query. |
array of string | |
| string_group_paths | String group paths path of the string group(s) for matching against DNS query domain name in the question section. It is a reference to an object of type StringGroup. |
array of string |
ALBDnsQueryTypeMatch (schema)
DnsQueryTypeMatch
Advanced load balancer DnsQueryTypeMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for matching the DNS query typein the question section. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| query_type | Query type DNS query types in the request query. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. |
array of ALBDnsRecordType |
ALBDnsRateLimiter (schema)
DnsRateLimiter
Advanced load balancer DnsRateLimiter object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action to perform upon rate limiting. |
ALBDnsRuleRLAction | Required |
| rate_limiter_object | Rate limiter object Rate limiting object. |
ALBRateLimiter | Required |
ALBDnsRcode (schema)
DnsRcode type
Valid ENUM values for ALBDnsRcode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsRcode | DnsRcode type Valid ENUM values for ALBDnsRcode |
string | Enum: DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE |
ALBDnsRecord (schema)
DnsRecord
Advanced load balancer DnsRecord object
| Name | Description | Type | Notes |
|---|---|---|---|
| algorithm | Algorithm Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is round-robin. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_ROUND_ROBIN. |
ALBDnsRecordResponseAlgorithm | Default: "DNS_RECORD_RESPONSE_ROUND_ROBIN" |
| cname | Cname Canonical name in CNAME record. |
ALBDnsCnameRdata | |
| delegated | Delegated Configured FQDNs are delegated domains (i.e. they represent a zone cut). Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| description | Description Details of DNS record. |
string | |
| fqdn | Fqdn Fully Qualified Domain Name. Minimum of 1 items required. |
array of string | Required |
| ip6_address | Ip6 address IPv6 address in AAAA record. Maximum of 4 items allowed. |
array of ALBDnsAAAARdata | |
| ip_address | Ip address IP address in A record. Maximum of 4 items allowed. |
array of ALBDnsARdata | |
| metadata | Metadata Internal metadata for the DNS record. |
string | |
| mx_records | Mx records MX record. Maximum of 4 items allowed. |
array of ALBDnsMxRdata | |
| ns | Ns Name Server information in NS record. Maximum of 13 items allowed. |
array of ALBDnsNsRdata | |
| num_records_in_response | Num records in response Specifies the number of records returned by the DNS service. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 20 Default: "0" |
| service_locator | Service locator Service locator info in SRV record. Maximum of 4 items allowed. |
array of ALBDnsSrvRdata | |
| ttl | Ttl Time To Live for this DNS record. |
integer | |
| txt_records | Txt records Text record. Maximum of 4 items allowed. |
array of ALBDnsTxtRdata | |
| type | Type DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. |
ALBDnsRecordType | Required |
| wildcard_match | Wildcard match Enable wild-card match of fqdn if an exact match is not found in the DNS table, the longest match is chosen by wild-carding the fqdn in the DNS request. Default is false. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBDnsRecordResponseAlgorithm (schema)
DnsRecordResponseAlgorithm type
Valid ENUM values for ALBDnsRecordResponseAlgorithm
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsRecordResponseAlgorithm | DnsRecordResponseAlgorithm type Valid ENUM values for ALBDnsRecordResponseAlgorithm |
string | Enum: DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH |
ALBDnsRecordType (schema)
DnsRecordType type
Valid ENUM values for ALBDnsRecordType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsRecordType | DnsRecordType type Valid ENUM values for ALBDnsRecordType |
string | Enum: DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY |
ALBDnsRrSet (schema)
DnsRrSet
Advanced load balancer DnsRrSet object
| Name | Description | Type | Notes |
|---|---|---|---|
| cname | Cname Canonical name in CNAME record. |
ALBDnsCnameRdata | |
| fqdn | Fqdn Fully Qualified Domain Name. |
string | Required |
| ip6_addresses | Ip6 addresses IPv6 address in AAAA record. |
array of ALBDnsAAAARdata | |
| ip_addresses | Ip addresses IP address in A record. |
array of ALBDnsARdata | |
| nses | Nses Name Server information in NS record. |
array of ALBDnsNsRdata | |
| ttl | Ttl Time To Live for this DNS record. Allowed values are 0-2147483647. |
integer | Required Minimum: 0 Maximum: 2147483647 |
| type | Type DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. |
ALBDnsRecordType | Required |
ALBDnsRule (schema)
DnsRule
Advanced load balancer DnsRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action to be performed upon successful matching. |
ALBDnsRuleAction | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| index | Index Index of the rule. |
integer | Required |
| log | Log Log DNS query upon rule match. |
boolean | |
| match | Match Add match criteria to the rule. |
ALBDnsRuleMatchTarget | |
| name | Name Name of the rule. |
string | Required |
ALBDnsRuleAction (schema)
DnsRuleAction
Advanced load balancer DnsRuleAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| allow | Allow Allow or drop the DNS query. |
ALBDnsRuleActionAllowDrop | |
| dns_rate_limiter | Dns rate limiter Rate limits the DNS requests. |
ALBDnsRateLimiter | |
| gslb_site_selection | Gslb site selection Select a specific GSLB site for the DNS query. This action should be used only when GSLB services have been configured for the DNS virtual service. |
ALBDnsRuleActionGslbSiteSelection | |
| pool_switching | Pool switching Select a pool or pool group for the passthrough DNS query which cannot be served locally but could be served by upstream servers. |
ALBDnsRuleActionPoolSwitching | |
| response | Response Generate a response for the DNS query. |
ALBDnsRuleActionResponse |
ALBDnsRuleActionAllowDrop (schema)
DnsRuleActionAllowDrop
Advanced load balancer DnsRuleActionAllowDrop object
| Name | Description | Type | Notes |
|---|---|---|---|
| allow | Allow Allow the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| reset_conn | Reset conn Reset the TCP connection of the DNS query, if allow is set to false to drop the query. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBDnsRuleActionGslbSiteSelection (schema)
DnsRuleActionGslbSiteSelection
Advanced load balancer DnsRuleActionGslbSiteSelection object
| Name | Description | Type | Notes |
|---|---|---|---|
| fallback_site_names | Fallback site names GSLB fallback sites to use in case the desired site is down. Maximum of 64 items allowed. |
array of string | |
| is_site_preferred | Is site preferred When set to true, GSLB site is a preferred site. This setting comes into play when the site is down, as well as no configured fallback site is available (all fallback sites are also down), then any one available site is selected based on the default algorithm for GSLB pool member selection. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| site_name | Site name GSLB site name. |
string | Required |
ALBDnsRuleActionPoolSwitching (schema)
DnsRuleActionPoolSwitching
Advanced load balancer DnsRuleActionPoolSwitching object
| Name | Description | Type | Notes |
|---|---|---|---|
| pool_group_path | Pool group path Reference of the pool group to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type PoolGroup. |
string | |
| pool_path | Pool path Reference of the pool to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type Pool. |
string |
ALBDnsRuleActionResponse (schema)
DnsRuleActionResponse
Advanced load balancer DnsRuleActionResponse object
| Name | Description | Type | Notes |
|---|---|---|---|
| authoritative | Authoritative DNS response is authoritative. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| rcode | Rcode DNS response code. Enum options - DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RCODE_NOERROR. |
ALBDnsRcode | Default: "DNS_RCODE_NOERROR" |
| resource_record_sets | Resource record sets DNS resource record sets - (resource record set share the DNS domain name, type, and class). |
array of ALBDnsRuleDnsRrSet | |
| truncation | Truncation DNS response is truncated. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBDnsRuleDnsRrSet (schema)
DnsRuleDnsRrSet
Advanced load balancer DnsRuleDnsRrSet object
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_record_set | Resource record set DNS resource record set - (records in the resource record set share the DNS domain name, type, and class). |
ALBDnsRrSet | Required |
| section | Section DNS message section for the resource record set. Enum options - DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL. Default value when not specified in API or module is interpreted by ALB Controller as DNS_MESSAGE_SECTION_ANSWER. |
ALBDnsMessageSection | Default: "DNS_MESSAGE_SECTION_ANSWER" |
ALBDnsRuleMatchTarget (schema)
DnsRuleMatchTarget
Advanced load balancer DnsRuleMatchTarget object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip_address | Client ip address IP addresses to match against client IP or the EDNS client subnet IP. |
ALBDnsClientIpMatch | |
| geo_location | Geo location Geographical location attribute to match against that of the client IP. |
ALBDnsGeoLocationMatch | |
| protocol | Protocol DNS transport protocol match. |
ALBDnsTransportProtocolMatch | |
| query_name | Query name Domain names to match against query name. |
ALBDnsQueryNameMatch | |
| query_type | Query type DNS query types to match against request query type. |
ALBDnsQueryTypeMatch |
ALBDnsRuleRLAction (schema)
DnsRuleRLAction
Advanced load balancer DnsRuleRLAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type Type of action to be enforced upon hitting the rate limit. Enum options - DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RL_ACTION_NONE. |
ALBDnsRuleRLActionType | Default: "DNS_RL_ACTION_NONE" |
ALBDnsRuleRLActionType (schema)
DnsRuleRLActionType type
Valid ENUM values for ALBDnsRuleRLActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsRuleRLActionType | DnsRuleRLActionType type Valid ENUM values for ALBDnsRuleRLActionType |
string | Enum: DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ |
ALBDnsServiceApplicationProfile (schema)
DnsServiceApplicationProfile
Advanced load balancer DnsServiceApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| aaaa_empty_response | Aaaa empty response Respond to AAAA queries with empty response when there are only IPV4 records. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| admin_email | Admin email Email address of the administrator responsible for this zone. This field is used in SOA records (rname) pertaining to all domain names specified as authoritative domain names. If not configured, the default value 'hostmaster' is used in SOA responses. Default value when not specified in API or module is interpreted by ALB Controller as hostmaster. |
string | Default: "hostmaster" |
| dns_over_tcp_enabled | Dns over tcp enabled Enable DNS query/response over TCP. This enables analytics for pass-through queries as well. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| dns_zones | Dns zones DNS zones hosted on this Virtual Service. Maximum of 100 items allowed. |
array of ALBDnsZone | |
| domain_names | Domain names Subdomain names serviced by this Virtual Service. These are configured as Ends-With semantics. Maximum of 100 items allowed. |
array of string | |
| ecs_stripping_enabled | Ecs stripping enabled Enable stripping of EDNS client subnet (ecs) option towards client if DNS service inserts ecs option in the DNS query towards upstream servers. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| edns | Edns Enable DNS service to be aware of EDNS (Extension mechanism for DNS). EDNS extensions are parsed and shown in logs. For GSLB services, the EDNS client subnet option can be used to influence Load Balancing. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| edns_client_subnet_prefix_len | Edns client subnet prefix len Specifies the IP address prefix length to use in the EDNS client subnet (ECS) option. When the incoming request does not have any ECS option and the prefix length is specified, an ECS option is inserted in the request passed to upstream server. If the incoming request already has an ECS option, the prefix length (and correspondingly the address) in the ECS option is updated, with the minimum of the prefix length present in the incoming and the configured prefix length, before passing the request to upstream server. Allowed values are 1-32. |
integer | Minimum: 1 Maximum: 32 |
| error_response | Error response Drop or respond to client when the DNS service encounters an error processing a client query. By default, such a request is dropped without any response, or passed through to a passthrough pool, if configured. When set to respond, an appropriate response is sent to client, e.g. NXDOMAIN response for non-existent records, empty NOERROR response for unsupported queries, etc. Enum options - DNS_ERROR_RESPONSE_ERROR, DNS_ERROR_RESPONSE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_ERROR_RESPONSE_NONE. |
ALBDnsErrorResponseType | Default: "DNS_ERROR_RESPONSE_NONE" |
| name_server | Name server The or primary source of data for this zone. This field is used in SOA records (mname) pertaining to all domain names specified as authoritative domain names. If not configured, domain name is used as name server in SOA response. |
string | |
| negative_caching_ttl | Negative caching ttl Specifies the TTL value (in seconds) for SOA (Start of Authority) (corresponding to a authoritative domain owned by this DNS Virtual Service) record's minimum TTL served by the DNS Virtual Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Minimum: 0 Maximum: 86400 Default: "30" |
| num_dns_ip | Num dns ip Specifies the number of IP addresses returned by the DNS Service. Enter 0 to return all IP addresses. Allowed values are 1-20. Special values are 0- 'Return all IP addresses'. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 0 Maximum: 20 Default: "1" |
| ttl | Ttl Specifies the TTL value (in seconds) for records served by DNS Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Minimum: 0 Maximum: 86400 Default: "30" |
ALBDnsSrvRdata (schema)
DnsSrvRdata
Advanced load balancer DnsSrvRdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Port Service port. Allowed values are 0-65535. |
integer | Required Minimum: 0 Maximum: 65535 |
| priority | Priority Priority of the target hosting the service, low value implies higher priority for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 65535 Default: "0" |
| target | Target Canonical hostname, of the machine hosting the service, with no trailing period. 'default.host' is valid but not 'default.host.'. Default value when not specified in API or module is interpreted by ALB Controller as default.host. |
string | Default: "default.host" |
| weight | Weight Relative weight for service records with same priority, high value implies higher preference for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 65535 Default: "0" |
ALBDnsTransportProtocol (schema)
DnsTransportProtocol type
Valid ENUM values for ALBDnsTransportProtocol
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsTransportProtocol | DnsTransportProtocol type Valid ENUM values for ALBDnsTransportProtocol |
string | Enum: DNS_OVER_UDP, DNS_OVER_TCP |
ALBDnsTransportProtocolMatch (schema)
DnsTransportProtocolMatch
Advanced load balancer DnsTransportProtocolMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for matching the DNS transport protocol. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| protocol | Protocol Protocol to match against transport protocol used by DNS query. Enum options - DNS_OVER_UDP, DNS_OVER_TCP. |
ALBDnsTransportProtocol | Required |
ALBDnsTxtRdata (schema)
DnsTxtRdata
Advanced load balancer DnsTxtRdata object
| Name | Description | Type | Notes |
|---|---|---|---|
| text_str | Text str Text data associated with the FQDN. |
string | Required |
ALBDnsZone (schema)
DnsZone
Advanced load balancer DnsZone object
| Name | Description | Type | Notes |
|---|---|---|---|
| admin_email | Admin email Email address of the administrator responsible for this zone. This field is used in SOA records as rname (RFC 1035). If not configured, it is inherited from the DNS service profile. |
string | |
| domain_name | Domain name Domain name authoritatively serviced by this Virtual Service. Queries for FQDNs that are sub domains of this domain and do not have any DNS record in Avi are dropped or NXDomain response sent. For domains which are present, SOA parameters are sent in answer section of response if query type is SOA. |
string | Required |
| name_server | Name server The primary name server for this zone. This field is used in SOA records as mname (RFC 1035). If not configured, it is inherited from the DNS service profile. If even that is not configured, the domain name is used instead. |
string |
ALBDosRateLimitProfile (schema)
DosRateLimitProfile
Advanced load balancer DosRateLimitProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| dos_profile | Dos profile Profile for DoS attack detection. |
ALBDosThresholdProfile | |
| rl_profile | Rl profile Profile for Connections/Requests rate limiting. |
ALBRateLimiterProfile |
ALBDosThreshold (schema)
DosThreshold
Advanced load balancer DosThreshold object
| Name | Description | Type | Notes |
|---|---|---|---|
| attack | Attack Attack type. Enum options - LAND, SMURF, ICMP_PING_FLOOD, UNKOWN_PROTOCOL, TEARDROP, IP_FRAG_OVERRUN, IP_FRAG_TOOSMALL, IP_FRAG_FULL, IP_FRAG_INCOMPLETE, PORT_SCAN, TCP_NON_SYN_FLOOD_OLD, SYN_FLOOD, BAD_RST_FLOOD, MALFORMED_FLOOD, FAKE_SESSION, ZERO_WINDOW_STRESS, SMALL_WINDOW_STRESS, DOS_HTTP_TIMEOUT, DOS_HTTP_ERROR, DOS_HTTP_ABORT... |
ALBAttackType | Required |
| max_value | Max value Maximum number of packets or connections or requests in a given interval of time to be deemed as attack. |
integer | Required |
| min_value | Min value Minimum number of packets or connections or requests in a given interval of time to be deemed as attack. |
integer | Required |
ALBDosThresholdProfile (schema)
DosThresholdProfile
Advanced load balancer DosThresholdProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| thresh_info | Thresh info Attack type, min and max values for DoS attack detection. |
array of ALBDosThreshold | |
| thresh_period | Thresh period Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5. |
integer | Required Default: "5" |
ALBDsrProfile (schema)
DsrProfile
Advanced load balancer DsrProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| dsr_encap_type | Dsr encap type Encapsulation type to use when DSR is L3. Enum options - ENCAP_IPINIP. Default value when not specified in API or module is interpreted by ALB Controller as ENCAP_IPINIP. |
ALBEncapType | Default: "ENCAP_IPINIP" |
| dsr_type | Dsr type DSR type L2/L3. Enum options - DSR_TYPE_L2, DSR_TYPE_L3. Default value when not specified in API or module is interpreted by ALB Controller as DSR_TYPE_L3. |
ALBDsrType | Default: "DSR_TYPE_L3" |
ALBDsrType (schema)
DsrType type
Valid ENUM values for ALBDsrType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDsrType | DsrType type Valid ENUM values for ALBDsrType |
string | Enum: DSR_TYPE_L2, DSR_TYPE_L3 |
ALBEncapType (schema)
EncapType type
Valid ENUM values for ALBEncapType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBEncapType | EncapType type Valid ENUM values for ALBEncapType |
string | Enum: ENCAP_IPINIP |
ALBEquivalentLabels (schema)
EquivalentLabels
Advanced load balancer EquivalentLabels object
| Name | Description | Type | Notes |
|---|---|---|---|
| labels | Labels Equivalent labels. |
array of string |
ALBErrorPage (schema)
ErrorPage
Advanced load balancer ErrorPage object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable | Enable Enable or disable the error page. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| error_page_body_path | Error page body path Custom error page body used to sent to the client. It is a reference to an object of type ErrorPageBody. |
string | |
| error_redirect | Error redirect Redirect sent to client when match. |
string | |
| index | Index Index of the error page. |
integer | |
| match | Match Add match criteria for http status codes to the error page. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHTTPStatusMatch |
ALBErrorPageBody (schema)
ErrorPageBody
Advanced load balancer ErrorPageBody object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_page_body | Error page body Error page body sent to client when match. |
string | |
| format | Format Format of an error page body HTML or JSON. Enum options - ERROR_PAGE_FORMAT_HTML, ERROR_PAGE_FORMAT_JSON. Default value when not specified in API or module is interpreted by ALB Controller as ERROR_PAGE_FORMAT_HTML. |
ALBErrorPageFormat | Default: "ERROR_PAGE_FORMAT_HTML" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBErrorPageBody | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBErrorPageBodyApiResponse (schema)
ErrorPageBodyApiResponse
ErrorPageBodyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ErrorPageBody Array of ErrorPageBody |
array of ALBErrorPageBody | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBErrorPageFormat (schema)
ErrorPageFormat type
Valid ENUM values for ALBErrorPageFormat
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBErrorPageFormat | ErrorPageFormat type Valid ENUM values for ALBErrorPageFormat |
string | Enum: ERROR_PAGE_FORMAT_HTML, ERROR_PAGE_FORMAT_JSON |
ALBErrorPageProfile (schema)
ErrorPageProfile
Advanced load balancer ErrorPageProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_pages | Error pages Defined Error Pages for HTTP status codes. |
array of ALBErrorPage | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBErrorPageProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBErrorPageProfileApiResponse (schema)
ErrorPageProfileApiResponse
ErrorPageProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ErrorPageProfile Array of ErrorPageProfile |
array of ALBErrorPageProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBFailAction (schema)
FailAction
Advanced load balancer FailAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| local_rsp | Local rsp Local response to HTTP requests when pool experiences a failure. |
ALBFailActionHTTPLocalResponse | |
| redirect | Redirect URL to redirect HTTP requests to when pool experiences a failure. |
ALBFailActionHTTPRedirect | |
| type | Type Enables a response to client when pool experiences a failure. By default TCP connection is closed. Enum options - FAIL_ACTION_HTTP_REDIRECT, FAIL_ACTION_HTTP_LOCAL_RSP, FAIL_ACTION_CLOSE_CONN. Allowed in Basic(Allowed values- FAIL_ACTION_CLOSE_CONN,FAIL_ACTION_HTTP_REDIRECT) edition, Essentials(Allowed values- FAIL_ACTION_CLOSE_CONN) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_ACTION_CLOSE_CONN. |
ALBFailActionEnum | Required Default: "FAIL_ACTION_CLOSE_CONN" |
ALBFailActionEnum (schema)
FailActionEnum type
Valid ENUM values for ALBFailActionEnum
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBFailActionEnum | FailActionEnum type Valid ENUM values for ALBFailActionEnum |
string | Enum: FAIL_ACTION_HTTP_REDIRECT, FAIL_ACTION_HTTP_LOCAL_RSP, FAIL_ACTION_CLOSE_CONN |
ALBFailActionHTTPLocalResponse (schema)
FailActionHTTPLocalResponse
Advanced load balancer FailActionHTTPLocalResponse object
| Name | Description | Type | Notes |
|---|---|---|---|
| file | File Placeholder for description of property file of obj type FailActionHTTPLocalResponse field type str type ref. |
ALBHTTPLocalFile | |
| status_code | Status code Enum options - FAIL_HTTP_STATUS_CODE_200, FAIL_HTTP_STATUS_CODE_503. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_HTTP_STATUS_CODE_503. |
ALBFailHttpStatusCode | Default: "FAIL_HTTP_STATUS_CODE_503" |
ALBFailActionHTTPRedirect (schema)
FailActionHTTPRedirect
Advanced load balancer FailActionHTTPRedirect object
| Name | Description | Type | Notes |
|---|---|---|---|
| host | Host host of FailActionHTTPRedirect. |
string | Required |
| path | Path path of FailActionHTTPRedirect. |
string | |
| protocol | Protocol Enum options - HTTP, HTTPS. Allowed in Basic(Allowed values- HTTP) edition, Enterprise edition. Special default for Basic edition is HTTP, Enterprise is HTTPS. Default value when not specified in API or module is interpreted by ALB Controller as HTTP. |
ALBHTTPProtocol | Default: "HTTP" |
| query | Query query of FailActionHTTPRedirect. |
string | |
| status_code | Status code Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Allowed in Basic(Allowed values- HTTP_REDIRECT_STATUS_CODE_302) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302. |
ALBHTTPRedirectStatusCode | Default: "HTTP_REDIRECT_STATUS_CODE_302" |
ALBFailHttpStatusCode (schema)
FailHttpStatusCode type
Valid ENUM values for ALBFailHttpStatusCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBFailHttpStatusCode | FailHttpStatusCode type Valid ENUM values for ALBFailHttpStatusCode |
string | Enum: FAIL_HTTP_STATUS_CODE_200, FAIL_HTTP_STATUS_CODE_503 |
ALBFlowLabelType (schema)
FlowLabelType type
Valid ENUM values for ALBFlowLabelType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBFlowLabelType | FlowLabelType type Valid ENUM values for ALBFlowLabelType |
string | Enum: NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL |
ALBFullClientLogs (schema)
FullClientLogs
Advanced load balancer FullClientLogs object
| Name | Description | Type | Notes |
|---|---|---|---|
| duration | Duration How long should the system capture all logs, measured in minutes. Set to 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Default: "30" |
| enabled | Enabled Capture all client logs including connections and requests. When deactivated, only errors will be logged. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
| throttle | Throttle This setting limits the number of non-significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Default: "10" |
ALBGeoLocation (schema)
GeoLocation
Advanced load balancer GeoLocation object
| Name | Description | Type | Notes |
|---|---|---|---|
| latitude | Latitude Latitude of the location. This is represented as degrees.minutes. The range is from -90.0 (south) to +90.0 (north). Allowed values are -90.0-+90.0. |
number | |
| longitude | Longitude Longitude of the location. This is represented as degrees.minutes. The range is from -180.0 (west) to +180.0 (east). Allowed values are -180.0-+180.0. |
number | |
| name | Name Location name in the format Country/State/City. |
string | |
| tag | Tag Location tag string - example USEast. |
string |
ALBHSMAwsCloudHsm (schema)
HSMAwsCloudHsm
Advanced load balancer HSMAwsCloudHsm object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_config | Client config client_config of HSMAwsCloudHsm. |
string | |
| cluster_cert | Cluster cert AWS CloudHSM Cluster Certificate. |
string | |
| crypto_user_name | Crypto user name Username of the Crypto User. This will be used to access the keys on the HSM . |
string | |
| crypto_user_password | Crypto user password Password of the Crypto User. This will be used to access the keys on the HSM . |
string | |
| hsm_ip | Hsm ip IP address of the HSM in the cluster. If there are more than one HSMs, only one is sufficient. |
array of string | |
| mgmt_config | Mgmt config mgmt_config of HSMAwsCloudHsm. |
string |
ALBHSMSafenetClientInfo (schema)
HSMSafenetClientInfo
Advanced load balancer HSMSafenetClientInfo object
| Name | Description | Type | Notes |
|---|---|---|---|
| chrystoki_conf | Chrystoki conf Generated File - Chrystoki.conf . |
string | |
| client_cert | Client cert Client Certificate generated by createCert. |
string | |
| client_ip | Client ip Name prepended to client key and certificate filename. |
string | Required |
| client_priv_key | Client priv key Client Private Key generated by createCert. |
string | |
| session_major_number | Session major number Major number of the sesseion. |
integer | |
| session_minor_number | Session minor number Minor number of the sesseion. |
integer |
ALBHSMSafenetLuna (schema)
HSMSafenetLuna
Advanced load balancer HSMSafenetLuna object
| Name | Description | Type | Notes |
|---|---|---|---|
| ha_group_num | Ha group num Group Number of generated HA Group. |
integer | |
| is_ha | Is ha Set to indicate HA across more than one servers. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
| node_info | Node info Node specific information. |
array of ALBHSMSafenetClientInfo | |
| server | Server SafeNet/Gemalto HSM Servers used for crypto operations. |
array of ALBHSMSafenetLunaServer | |
| server_pem | Server pem Generated File - server.pem. |
string | |
| use_dedicated_network | Use dedicated network If enabled, dedicated network is used to communicate with HSM,else, the management network is used. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBHSMSafenetLunaServer (schema)
HSMSafenetLunaServer
Advanced load balancer HSMSafenetLunaServer object
| Name | Description | Type | Notes |
|---|---|---|---|
| index | Index Number of index. |
integer | Required |
| partition_passwd | Partition passwd Password of the partition assigned to this client. |
string | |
| partition_serial_number | Partition serial number Serial number of the partition assigned to this client. |
string | |
| remote_ip | Remote ip IP address of the Safenet/Gemalto HSM device. |
string | Required |
| server_cert | Server cert CA certificate of the server. |
string | Required |
ALBHSMThalesNetHsm (schema)
HSMThalesNetHsm
Advanced load balancer HSMThalesNetHsm object
| Name | Description | Type | Notes |
|---|---|---|---|
| esn | Esn Electronic serial number of the netHSM device. Use Thales anonkneti utility to find the netHSM ESN. |
string | Required |
| keyhash | Keyhash Hash of the key that netHSM device uses to authenticate itself. Use Thales anonkneti utility to find the netHSM keyhash. |
string | Required |
| module_id | Module id Local module id of the netHSM device. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| priority | Priority Priority class of the nethsm in an high availability setup. 1 is the highest priority and 100 is the lowest priority. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Required Minimum: 1 Maximum: 100 Default: "100" |
| remote_ip | Remote ip IP address of the netHSM device. |
ALBIpAddr | Required |
| remote_port | Remote port Port at which the netHSM device accepts the connection. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004. |
integer | Minimum: 1 Maximum: 65535 Default: "9004" |
ALBHSMThalesRFS (schema)
HSMThalesRFS
Advanced load balancer HSMThalesRFS object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip | Ip IP address of the RFS server from where to sync the Thales encrypted private key. |
ALBIpAddr | Required |
| port | Port Port at which the RFS server accepts the sync request from clients for Thales encrypted private key. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004. |
integer | Minimum: 1 Maximum: 65535 Default: "9004" |
ALBHSMType (schema)
HSMType type
Valid ENUM values for ALBHSMType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHSMType | HSMType type Valid ENUM values for ALBHSMType |
string | Enum: HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA, HSM_TYPE_AWS_CLOUDHSM |
ALBHTTP2ApplicationProfile (schema)
HTTP2ApplicationProfile
Advanced load balancer HTTP2ApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| http2_initial_window_size | Http2 initial window size The initial flow control window size in KB for HTTP/2 streams. Allowed values are 64-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64. |
integer | Minimum: 64 Maximum: 32768 Default: "64" |
| max_http2_concurrent_streams_per_connection | Max http2 concurrent streams per connection The max number of concurrent streams over a client side HTTP/2 connection. Allowed values are 1-256. Default value when not specified in API or module is interpreted by ALB Controller as 128. |
integer | Minimum: 1 Maximum: 256 Default: "128" |
| max_http2_control_frames_per_connection | Max http2 control frames per connection The max number of control frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited control frames on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. |
integer | Minimum: 0 Maximum: 10000 Default: "1000" |
| max_http2_empty_data_frames_per_connection | Max http2 empty data frames per connection The max number of empty data frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited empty data frames over a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. |
integer | Minimum: 0 Maximum: 10000 Default: "1000" |
| max_http2_header_field_size | Max http2 header field size The maximum size in bytes of the compressed request header field. The limit applies equally to both name and value. Allowed values are 1-8192. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 4096. |
integer | Minimum: 1 Maximum: 8192 Default: "4096" |
| max_http2_queued_frames_to_client_per_connection | Max http2 queued frames to client per connection The max number of frames that can be queued waiting to be sent over a client side HTTP/2 connection at any given time. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited frames can be queued on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. |
integer | Minimum: 0 Maximum: 10000 Default: "1000" |
| max_http2_requests_per_connection | Max http2 requests per connection The maximum number of requests over a client side HTTP/2 connection. Allowed values are 0-10000. Special values are 0- 'Unlimited requests on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. |
integer | Minimum: 0 Maximum: 10000 Default: "1000" |
ALBHTTPApplicationProfile (schema)
HTTPApplicationProfile
Advanced load balancer HTTPApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| allow_dots_in_header_name | Allow dots in header name Allow use of dot (.) in HTTP header names, for instance Header.app.special PickAppVersionX. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| cache_config | Cache config HTTP Caching config to use with this HTTP Profile. |
ALBHttpCacheConfig | |
| client_body_timeout | Client body timeout The maximum length of time allowed between consecutive read operations for a client request body. The value '0' specifies no timeout. This setting generally impacts the length of time allowed for a client to send a POST. Allowed values are 0-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. |
integer | Minimum: 0 Maximum: 100000000 Default: "30000" |
| client_header_timeout | Client header timeout The maximum length of time allowed for a client to transmit an entire request header. This helps mitigate various forms of SlowLoris attacks. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 10000) edition, Essentials(Allowed values- 10000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10000. |
integer | Minimum: 10 Maximum: 100000000 Default: "10000" |
| client_max_body_size | Client max body size Maximum size for the client request body. This limits the size of the client data that can be uploaded/posted as part of a single HTTP Request. Default 0 => Unlimited. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| client_max_header_size | Client max header size Maximum size in Kbytes of a single HTTP header in the client request. Allowed values are 1-64. Unit is KB. Allowed in Basic(Allowed values- 12) edition, Essentials(Allowed values- 12) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 12. |
integer | Minimum: 1 Maximum: 64 Default: "12" |
| client_max_request_size | Client max request size Maximum size in Kbytes of all the client HTTP request headers. Allowed values are 1-256. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 48. |
integer | Minimum: 1 Maximum: 256 Default: "48" |
| compression_profile | Compression profile HTTP Compression settings to use with this HTTP Profile. |
ALBCompressionProfile | |
| connection_multiplexing_enabled | Connection multiplexing enabled Allows HTTP requests, not just TCP connections, to be load balanced across servers. Proxied TCP connections to servers may be reused by multiple clients to improve performance. Not compatible with Preserve Client IP. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| disable_keepalive_posts_msie6 | Disable keepalive posts msie6 Disable keep-alive client side connections for older browsers based off MS Internet Explorer 6.0 (MSIE6). For some applications, this might break NTLM authentication for older clients based off MSIE6. For such applications, set this option to false to allow keep-alive connections. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| disable_sni_hostname_check | Disable sni hostname check Disable strict check between TLS servername and HTTP Host name. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_chunk_merge | Enable chunk merge Enable chunk body merge for chunked transfer encoding response. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| enable_fire_and_forget | Enable fire and forget Enable support for fire and forget feature. If enabled, request from client is forwarded to server even if client prematurely closes the connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_request_body_buffering | Enable request body buffering Enable request body buffering for POST requests. If enabled, max buffer size is set to lower of 32M or the value (non-zero) configured in client_max_body_size. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_request_body_metrics | Enable request body metrics Enable HTTP request body metrics. If enabled, requests from clients are parsed and relevant statistics about them are gathered. Currently, it processes HTTP POST requests with Content-Type application/x-www-form-urlencoded or multipart/form-data, and adds the number of detected parameters to the l7_client.http_params_count. This is an experimental feature and it may have performance impact. Use it when detailed information about the number of HTTP POST parameters is needed, e.g. for WAF sizing. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| fwd_close_hdr_for_bound_connections | Fwd close hdr for bound connections Forward the Connection Close header coming from backend server to the client if connection-switching is enabled, i.e. front-end and backend connections are bound together. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| hsts_enabled | Hsts enabled Inserts HTTP Strict-Transport-Security header in the HTTPS response. HSTS can help mitigate man-in-the-middle attacks by telling browsers that support HSTS that they should only access this site via HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| hsts_max_age | Hsts max age Number of days for which the client should regard this virtual service as a known HSTS host. Allowed values are 0-10000. Allowed in Basic(Allowed values- 365) edition, Essentials(Allowed values- 365) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 365. |
integer | Minimum: 0 Maximum: 10000 Default: "365" |
| hsts_subdomains_enabled | Hsts subdomains enabled Insert the 'includeSubdomains' directive in the HTTP Strict-Transport-Security header. Adding the includeSubdomains directive signals the User-Agent that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| http2_profile | Http2 profile Specifies the HTTP/2 specific application profile parameters. Allowed in Essentials edition, Enterprise edition. |
ALBHTTP2ApplicationProfile | |
| http_to_https | Http to https Client requests received via HTTP will be redirected to HTTPS. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| http_upstream_buffer_size | Http upstream buffer size Size of HTTP buffer in kB. Allowed values are 1-256. Special values are 0- 'Auto compute the size of buffer'. Unit is KB. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 256 Default: "0" |
| httponly_enabled | Httponly enabled Mark HTTP cookies as HTTPonly. This helps mitigate cross site scripting attacks as browsers will not allow these cookies to be read by third parties, such as javascript. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| keepalive_header | Keepalive header Send HTTP 'Keep-Alive' header to the client. By default, the timeout specified in the 'Keep-Alive Timeout' field will be used unless the 'Use App Keepalive Timeout' flag is set, in which case the timeout sent by the application will be honored. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| keepalive_timeout | Keepalive timeout The max idle time allowed between HTTP requests over a Keep-alive connection. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. |
integer | Minimum: 10 Maximum: 100000000 Default: "30000" |
| max_bad_rps_cip | Max bad rps cip Maximum bad requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_bad_rps_cip_uri | Max bad rps cip uri Maximum bad requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_bad_rps_uri | Max bad rps uri Maximum bad requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_keepalive_requests | Max keepalive requests The max number of HTTP requests that can be sent over a Keep-Alive connection. '0' means unlimited. Allowed values are 0-1000000. Special values are 0- 'Unlimited requests on a connection'. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Minimum: 0 Maximum: 1000000 Default: "100" |
| max_response_headers_size | Max response headers size Maximum size in Kbytes of all the HTTP response headers. Allowed values are 1-256. Unit is KB. Allowed in Basic(Allowed values- 48) edition, Essentials(Allowed values- 48) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 48. |
integer | Minimum: 1 Maximum: 256 Default: "48" |
| max_rps_cip | Max rps cip Maximum requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_rps_cip_uri | Max rps cip uri Maximum requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_rps_unknown_cip | Max rps unknown cip Maximum unknown client IPs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_rps_unknown_uri | Max rps unknown uri Maximum unknown URIs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| max_rps_uri | Max rps uri Maximum requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| pki_profile_path | Pki profile path Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. |
string | |
| post_accept_timeout | Post accept timeout The max allowed length of time between a client establishing a TCP connection and Avi receives the first byte of the client's HTTP request. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. |
integer | Minimum: 10 Maximum: 100000000 Default: "30000" |
| reset_conn_http_on_ssl_port | Reset conn http on ssl port If enabled, an HTTP request on an SSL port will result in connection close instead of a 400 response. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| respond_with_100_continue | Respond with 100 continue Avi will respond with 100-Continue response if Expect 100-Continue header received from client. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| secure_cookie_enabled | Secure cookie enabled Mark server cookies with the 'Secure' attribute. Client browsers will not send a cookie marked as secure over an unencrypted connection. If Avi is terminating SSL from clients and passing it as HTTP to the server, the server may return cookies without the secure flag set. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| server_side_redirect_to_https | Server side redirect to https When terminating client SSL sessions at Avi, servers may incorrectly send redirect to clients as HTTP. This option will rewrite the server's redirect responses for this virtual service from HTTP to HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| ssl_client_certificate_action | Ssl client certificate action Set of match/action rules that govern what happens when the client certificate request is enabled. |
ALBSSLClientCertificateAction | |
| ssl_client_certificate_mode | Ssl client certificate mode Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE. |
ALBSSLClientCertificateMode | Default: "SSL_CLIENT_CERTIFICATE_NONE" |
| use_app_keepalive_timeout | Use app keepalive timeout Use 'Keep-Alive' header timeout sent by application instead of sending the HTTP Keep-Alive Timeout. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| websockets_enabled | Websockets enabled Enable Websockets proxy for traffic from clients to the virtual service. Connections to this VS start in HTTP mode. If the client requests an Upgrade to Websockets, and the server responds back with success, then the connection is upgraded to WebSockets mode. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| x_forwarded_proto_enabled | X forwarded proto enabled Insert an X-Forwarded-Proto header in the request sent to the server. When the client connects via SSL, Avi terminates the SSL, and then forwards the requests to the servers via HTTP, so the servers can determine the original protocol via this header. In this example, the value will be 'https'. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| xff_alternate_name | Xff alternate name Provide a custom name for the X-Forwarded-For header sent to the servers. Default value when not specified in API or module is interpreted by ALB Controller as X-Forwarded-For. |
string | Default: "X-Forwarded-For" |
| xff_enabled | Xff enabled The client's original IP address is inserted into an HTTP request header sent to the server. Servers may use this address for logging or other purposes, rather than Avi's source NAT address used in the Avi to server IP connection. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBHTTPClientAuthenticationParams (schema)
HTTPClientAuthenticationParams
Advanced load balancer HTTPClientAuthenticationParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| auth_profile_path | Auth profile path Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. |
string | |
| realm | Realm Basic authentication realm to present to a user along with the prompt for credentials. |
string | |
| request_uri_path | Request uri path Rrequest URI path when the authentication applies. |
ALBStringMatch | |
| type | Type type of client authentication. Enum options - HTTP_BASIC_AUTH. |
ALBHTTPClientAuthenticationType |
ALBHTTPClientAuthenticationType (schema)
HTTPClientAuthenticationType type
Valid ENUM values for ALBHTTPClientAuthenticationType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPClientAuthenticationType | HTTPClientAuthenticationType type Valid ENUM values for ALBHTTPClientAuthenticationType |
string | Enum: HTTP_BASIC_AUTH |
ALBHTTPCookieData (schema)
HTTPCookieData
Advanced load balancer HTTPCookieData object
| Name | Description | Type | Notes |
|---|---|---|---|
| name | Name Cookie name. |
string | |
| value | Value Cookie value. |
string |
ALBHTTPHdrAction (schema)
HTTPHdrAction
Advanced load balancer HTTPHdrAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action ADD A new header with the new value is added irrespective of the existence of an HTTP header of the given name. REPLACE A new header with the new value is added if no header of the given name exists, else existing headers with the given name are removed and a new header with the new value is added. REMOVE All the headers of the given name are removed. Enum options - HTTP_ADD_HDR, HTTP_REMOVE_HDR, HTTP_REPLACE_HDR. Allowed in Basic(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Essentials(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Enterprise edition. |
ALBHTTPHdrActionType | Required |
| cookie | Cookie Cookie information. |
ALBHTTPCookieData | |
| hdr | Hdr HTTP header information. |
ALBHTTPHdrData |
ALBHTTPHdrActionType (schema)
HTTPHdrActionType type
Valid ENUM values for ALBHTTPHdrActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPHdrActionType | HTTPHdrActionType type Valid ENUM values for ALBHTTPHdrActionType |
string | Enum: HTTP_ADD_HDR, HTTP_REMOVE_HDR, HTTP_REPLACE_HDR |
ALBHTTPHdrData (schema)
HTTPHdrData
Advanced load balancer HTTPHdrData object
| Name | Description | Type | Notes |
|---|---|---|---|
| name | Name HTTP header name. |
string | |
| value | Value HTTP header value. |
ALBHTTPHdrValue |
ALBHTTPHdrValue (schema)
HTTPHdrValue
Advanced load balancer HTTPHdrValue object
| Name | Description | Type | Notes |
|---|---|---|---|
| val | Val HTTP header value or variable representing an HTTP header. |
string | |
| var | Var Variable. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER. |
ALBHTTPPolicyVar |
ALBHTTPLocalFile (schema)
HTTPLocalFile
Advanced load balancer HTTPLocalFile object
| Name | Description | Type | Notes |
|---|---|---|---|
| content_type | Content type Mime-type of the content in the file. |
string | Required |
| file_content | File content File content to used in the local HTTP response body. |
string | Required |
ALBHTTPLocalResponseStatusCode (schema)
HTTPLocalResponseStatusCode type
Valid ENUM values for ALBHTTPLocalResponseStatusCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPLocalResponseStatusCode | HTTPLocalResponseStatusCode type Valid ENUM values for ALBHTTPLocalResponseStatusCode |
string | Enum: HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501 |
ALBHTTPMethod (schema)
HTTPMethod type
Valid ENUM values for ALBHTTPMethod
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPMethod | HTTPMethod type Valid ENUM values for ALBHTTPMethod |
string | Enum: HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK |
ALBHTTPPolicies (schema)
HTTPPolicies
Advanced load balancer HTTPPolicies object
| Name | Description | Type | Notes |
|---|---|---|---|
| http_policy_set_path | Http policy set path path of the virtual service HTTP policy collection. It is a reference to an object of type HTTPPolicySet. |
string | Required |
| index | Index Index of the virtual service HTTP policy collection. |
integer | Required |
ALBHTTPPolicySet (schema)
HTTPPolicySet
Advanced load balancer HTTPPolicySet object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_config_cksum | Cloud config cksum Checksum of cloud configuration for Pool. Internally set by cloud connector. |
string | |
| created_by | Created by Creator name. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| http_request_policy | Http request policy HTTP request policy for the virtual service. |
ALBHTTPRequestPolicy | |
| http_response_policy | Http response policy HTTP response policy for the virtual service. |
ALBHTTPResponsePolicy | |
| http_security_policy | Http security policy HTTP security policy for the virtual service. |
ALBHTTPSecurityPolicy | |
| id | Unique identifier of this resource | string | Sortable |
| is_internal_policy | Is internal policy Placeholder for description of property is_internal_policy of obj type HTTPPolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBHTTPPolicySet | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBHTTPPolicySetApiResponse (schema)
HTTPPolicySetApiResponse
HTTPPolicySetApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of HTTPPolicySet Array of HTTPPolicySet |
array of ALBHTTPPolicySet | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBHTTPPolicyVar (schema)
HTTPPolicyVar type
Valid ENUM values for ALBHTTPPolicyVar
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPPolicyVar | HTTPPolicyVar type Valid ENUM values for ALBHTTPPolicyVar |
string | Enum: HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER |
ALBHTTPProtocol (schema)
HTTPProtocol type
Valid ENUM values for ALBHTTPProtocol
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPProtocol | HTTPProtocol type Valid ENUM values for ALBHTTPProtocol |
string | Enum: HTTP, HTTPS |
ALBHTTPRedirectAction (schema)
HTTPRedirectAction
Advanced load balancer HTTPRedirectAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| host | Host Host config. |
ALBURIParam | |
| keep_query | Keep query Keep or drop the query of the incoming request URI in the redirected URI. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| path | Path Path config. |
ALBURIParam | |
| port | Port Port to which redirect the request. Allowed values are 1-65535. |
integer | Minimum: 1 Maximum: 65535 |
| protocol | Protocol Protocol type. Enum options - HTTP, HTTPS. |
ALBHTTPProtocol | Required |
| status_code | Status code HTTP redirect status code. Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302. |
ALBHTTPRedirectStatusCode | Default: "HTTP_REDIRECT_STATUS_CODE_302" |
ALBHTTPRedirectStatusCode (schema)
HTTPRedirectStatusCode type
Valid ENUM values for ALBHTTPRedirectStatusCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPRedirectStatusCode | HTTPRedirectStatusCode type Valid ENUM values for ALBHTTPRedirectStatusCode |
string | Enum: HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307 |
ALBHTTPRequestPolicy (schema)
HTTPRequestPolicy
Advanced load balancer HTTPRequestPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| rules | Rules Add rules to the HTTP request policy. |
array of ALBHTTPRequestRule |
ALBHTTPRequestRule (schema)
HTTPRequestRule
Advanced load balancer HTTPRequestRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| all_headers | All headers Log all HTTP headers upon rule match. |
boolean | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Required Default: "True" |
| hdr_action | Hdr action HTTP header rewrite action. |
array of ALBHTTPHdrAction | |
| index | Index Index of the rule. |
integer | Required |
| log | Log Log HTTP request upon rule match. |
boolean | |
| match | Match Add match criteria to the rule. |
ALBMatchTarget | |
| name | Name Name of the rule. |
string | Required |
| redirect_action | Redirect action HTTP redirect action. |
ALBHTTPRedirectAction | |
| rewrite_url_action | Rewrite url action HTTP request URL rewrite action. |
ALBHTTPRewriteURLAction | |
| switching_action | Switching action Content switching action. |
ALBHTTPSwitchingAction |
ALBHTTPReselectRespCode (schema)
HTTPReselectRespCode
Advanced load balancer HTTPReselectRespCode object
| Name | Description | Type | Notes |
|---|---|---|---|
| codes | Codes HTTP response code to be matched. Allowed values are 400-599. |
array of integer | |
| ranges | Ranges HTTP response code ranges to match. |
array of ALBHTTPStatusRange | |
| resp_code_block | Resp code block Block of HTTP response codes to match for server reselect. Enum options - HTTP_RSP_4XX, HTTP_RSP_5XX. |
array of ALBHttpReselectRespCodeBlock |
ALBHTTPResponseCodes (schema)
HTTPResponseCodes type
Valid ENUM values for ALBHTTPResponseCodes
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPResponseCodes | HTTPResponseCodes type Valid ENUM values for ALBHTTPResponseCodes |
string | Enum: HTTP_RESPONSE_CODE_0, HTTP_RESPONSE_CODE_100, HTTP_RESPONSE_CODE_101, HTTP_RESPONSE_CODE_200, HTTP_RESPONSE_CODE_201, HTTP_RESPONSE_CODE_202, HTTP_RESPONSE_CODE_203, HTTP_RESPONSE_CODE_204, HTTP_RESPONSE_CODE_205, HTTP_RESPONSE_CODE_206, HTTP_RESPONSE_CODE_300, HTTP_RESPONSE_CODE_301, HTTP_RESPONSE_CODE_302, HTTP_RESPONSE_CODE_303, HTTP_RESPONSE_CODE_304, HTTP_RESPONSE_CODE_305, HTTP_RESPONSE_CODE_307, HTTP_RESPONSE_CODE_400, HTTP_RESPONSE_CODE_401, HTTP_RESPONSE_CODE_402, HTTP_RESPONSE_CODE_403, HTTP_RESPONSE_CODE_404, HTTP_RESPONSE_CODE_405, HTTP_RESPONSE_CODE_406, HTTP_RESPONSE_CODE_407, HTTP_RESPONSE_CODE_408, HTTP_RESPONSE_CODE_409, HTTP_RESPONSE_CODE_410, HTTP_RESPONSE_CODE_411, HTTP_RESPONSE_CODE_412, HTTP_RESPONSE_CODE_413, HTTP_RESPONSE_CODE_414, HTTP_RESPONSE_CODE_415, HTTP_RESPONSE_CODE_416, HTTP_RESPONSE_CODE_417, HTTP_RESPONSE_CODE_426, HTTP_RESPONSE_CODE_470, HTTP_RESPONSE_CODE_475, HTTP_RESPONSE_CODE_500, HTTP_RESPONSE_CODE_501, HTTP_RESPONSE_CODE_502, HTTP_RESPONSE_CODE_503, HTTP_RESPONSE_CODE_504, HTTP_RESPONSE_CODE_505 |
ALBHTTPResponsePolicy (schema)
HTTPResponsePolicy
Advanced load balancer HTTPResponsePolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| rules | Rules Add rules to the HTTP response policy. |
array of ALBHTTPResponseRule |
ALBHTTPResponseRule (schema)
HTTPResponseRule
Advanced load balancer HTTPResponseRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| all_headers | All headers Log all HTTP headers upon rule match. |
boolean | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Required Default: "True" |
| hdr_action | Hdr action HTTP header rewrite action. |
array of ALBHTTPHdrAction | |
| index | Index Index of the rule. |
integer | Required |
| loc_hdr_action | Loc hdr action Location header rewrite action. |
ALBHTTPRewriteLocHdrAction | |
| log | Log Log HTTP request upon rule match. |
boolean | |
| match | Match Add match criteria to the rule. |
ALBResponseMatchTarget | |
| name | Name Name of the rule. |
string | Required |
ALBHTTPRewriteLocHdrAction (schema)
HTTPRewriteLocHdrAction
Advanced load balancer HTTPRewriteLocHdrAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| host | Host Host config. |
ALBURIParam | |
| keep_query | Keep query Keep or drop the query from the server side redirect URI. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| path | Path Path config. |
ALBURIParam | |
| port | Port Port to use in the redirected URI. Allowed values are 1-65535. |
integer | Minimum: 1 Maximum: 65535 |
| protocol | Protocol HTTP protocol type. Enum options - HTTP, HTTPS. |
ALBHTTPProtocol | Required |
ALBHTTPRewriteURLAction (schema)
HTTPRewriteURLAction
Advanced load balancer HTTPRewriteURLAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| host_hdr | Host hdr Host config. |
ALBURIParam | |
| path | Path Path config. |
ALBURIParam | |
| query | Query Query config. |
ALBURIParamQuery |
ALBHTTPSecurityAction (schema)
HTTPSecurityAction
Advanced load balancer HTTPSecurityAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Type of the security action to perform. Enum options - HTTP_SECURITY_ACTION_CLOSE_CONN, HTTP_SECURITY_ACTION_SEND_RESPONSE, HTTP_SECURITY_ACTION_ALLOW, HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS, HTTP_SECURITY_ACTION_RATE_LIMIT, HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP. Allowed in Basic(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Essentials(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Enterprise edition. |
ALBHTTPSecurityActionType | Required |
| file | File File to be used for generating HTTP local response. |
ALBHTTPLocalFile | |
| https_port | Https port Secure SSL/TLS port to redirect the HTTP request to. Allowed values are 1-65535. |
integer | Minimum: 1 Maximum: 65535 |
| rate_profile | Rate profile Rate limiting configuration for this action. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHTTPSecurityActionRateProfile | |
| status_code | Status code HTTP status code to use for local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. |
ALBHTTPLocalResponseStatusCode |
ALBHTTPSecurityActionRateProfile (schema)
HTTPSecurityActionRateProfile
Advanced load balancer HTTPSecurityActionRateProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action The action to take when the rate limit has been reached. |
ALBRateLimiterAction | Required |
| per_client_ip | Per client ip Rate limiting should be done on a per client ip basis. |
boolean | |
| per_uri_path | Per uri path Rate limiting should be done on a per request uri path basis. |
boolean | |
| rate_limiter | Rate limiter The rate limiter used when this action is triggered. |
ALBRateLimiter | Required |
ALBHTTPSecurityActionType (schema)
HTTPSecurityActionType type
Valid ENUM values for ALBHTTPSecurityActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPSecurityActionType | HTTPSecurityActionType type Valid ENUM values for ALBHTTPSecurityActionType |
string | Enum: HTTP_SECURITY_ACTION_CLOSE_CONN, HTTP_SECURITY_ACTION_SEND_RESPONSE, HTTP_SECURITY_ACTION_ALLOW, HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS, HTTP_SECURITY_ACTION_RATE_LIMIT, HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP |
ALBHTTPSecurityPolicy (schema)
HTTPSecurityPolicy
Advanced load balancer HTTPSecurityPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| rules | Rules Add rules to the HTTP security policy. |
array of ALBHTTPSecurityRule |
ALBHTTPSecurityRule (schema)
HTTPSecurityRule
Advanced load balancer HTTPSecurityRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action to be performed upon successful matching. |
ALBHTTPSecurityAction | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Required Default: "True" |
| index | Index Index of the rule. |
integer | Required |
| log | Log Log HTTP request upon rule match. |
boolean | |
| match | Match Add match criteria to the rule. |
ALBMatchTarget | |
| name | Name Name of the rule. |
string | Required |
ALBHTTPServerReselect (schema)
HTTPServerReselect
Advanced load balancer HTTPServerReselect object
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Enabled Enable HTTP request reselect when server responds with specific response codes. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
| num_retries | Num retries Number of times to retry an HTTP request when server responds with configured status codes. Default value when not specified in API or module is interpreted by ALB Controller as 4. |
integer | Minimum: 0 Default: "4" |
| retry_nonidempotent | Retry nonidempotent Allow retry of non-idempotent HTTP requests. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| retry_timeout | Retry timeout Timeout per retry attempt, for a given request. Value of 0 indicates default timeout. Allowed values are 0-3600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 3600000 Default: "0" |
| svr_resp_code | Svr resp code Server response codes which will trigger an HTTP request retry. |
ALBHTTPReselectRespCode |
ALBHTTPStatusMatch (schema)
HTTPStatusMatch
Advanced load balancer HTTPStatusMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for matching the HTTP response status code(s). Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| ranges | Ranges HTTP response status code range(s). |
array of ALBHTTPStatusRange | |
| status_codes | Status codes HTTP response status code(s). |
array of integer |
ALBHTTPStatusRange (schema)
HTTPStatusRange
Advanced load balancer HTTPStatusRange object
| Name | Description | Type | Notes |
|---|---|---|---|
| begin | Begin Starting HTTP response status code. |
integer | Required |
| end | End Ending HTTP response status code. |
integer | Required |
ALBHTTPSwitchingAction (schema)
HTTPSwitchingAction
Advanced load balancer HTTPSwitchingAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Content switching action type. Enum options - HTTP_SWITCHING_SELECT_POOL, HTTP_SWITCHING_SELECT_LOCAL, HTTP_SWITCHING_SELECT_POOLGROUP. Allowed in Essentials(Allowed values- HTTP_SWITCHING_SELECT_POOL,HTTP_SWITCHING_SELECT_LOCAL) edition, Enterprise edition. |
ALBHTTPSwitchingActionType | Required |
| file | File File from which to serve local response to the request. |
ALBHTTPLocalFile | |
| pool_group_path | Pool group path path of the pool group to serve the request. It is a reference to an object of type PoolGroup. |
string | |
| pool_path | Pool path path of the pool of servers to serve the request. It is a reference to an object of type Pool. |
string | |
| server | Server Specific pool server to select. |
ALBPoolServer | |
| status_code | Status code HTTP status code to use when serving local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. |
ALBHTTPLocalResponseStatusCode |
ALBHTTPSwitchingActionType (schema)
HTTPSwitchingActionType type
Valid ENUM values for ALBHTTPSwitchingActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPSwitchingActionType | HTTPSwitchingActionType type Valid ENUM values for ALBHTTPSwitchingActionType |
string | Enum: HTTP_SWITCHING_SELECT_POOL, HTTP_SWITCHING_SELECT_LOCAL, HTTP_SWITCHING_SELECT_POOLGROUP |
ALBHTTPVersion (schema)
HTTPVersion type
Valid ENUM values for ALBHTTPVersion
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPVersion | HTTPVersion type Valid ENUM values for ALBHTTPVersion |
string | Enum: ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO |
ALBHTTPVersionMatch (schema)
HTTPVersionMatch
Advanced load balancer HTTPVersionMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for HTTP version matching the version used in the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| versions | Versions HTTP protocol version. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Minimum of 1 items required. Maximum of 8 items allowed. Allowed in Basic(Allowed values- ONE_ZERO,ONE_ONE) edition, Essentials(Allowed values- ONE_ZERO,ONE_ONE) edition, Enterprise edition. |
array of ALBHTTPVersion | Required |
ALBHardwareSecurityModule (schema)
HardwareSecurityModule
Advanced load balancer HardwareSecurityModule object
| Name | Description | Type | Notes |
|---|---|---|---|
| cloudhsm | Cloudhsm AWS CloudHSM specific configuration. |
ALBHSMAwsCloudHsm | |
| nethsm | Nethsm Thales netHSM specific configuration. |
array of ALBHSMThalesNetHsm | |
| rfs | Rfs Thales Remote File Server (RFS), used for the netHSMs, configuration. |
ALBHSMThalesRFS | |
| sluna | Sluna Safenet/Gemalto Luna/Gem specific configuration. |
ALBHSMSafenetLuna | |
| type | Type HSM type to use. Enum options - HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA, HSM_TYPE_AWS_CLOUDHSM. |
ALBHSMType | Required |
ALBHardwareSecurityModuleGroup (schema)
HardwareSecurityModuleGroup
Advanced load balancer HardwareSecurityModuleGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| hsm | Hsm Hardware Security Module configuration. |
ALBHardwareSecurityModule | Required |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBHardwareSecurityModuleGroup | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBHardwareSecurityModuleGroupApiResponse (schema)
HardwareSecurityModuleGroupApiResponse
HardwareSecurityModuleGroupApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of HardwareSecurityModuleGroup Array of HardwareSecurityModuleGroup |
array of ALBHardwareSecurityModuleGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBHdrMatch (schema)
HdrMatch
Advanced load balancer HdrMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| hdr | Hdr Name of the HTTP header whose value is to be matched. |
string | Required |
| match_case | Match case Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for matching headers in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. |
ALBHdrMatchOperation | Required |
| value | Value String values to match in the HTTP header. |
array of string |
ALBHdrMatchOperation (schema)
HdrMatchOperation type
Valid ENUM values for ALBHdrMatchOperation
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHdrMatchOperation | HdrMatchOperation type Valid ENUM values for ALBHdrMatchOperation |
string | Enum: HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL |
ALBHdrPersistenceProfile (schema)
HdrPersistenceProfile
Advanced load balancer HdrPersistenceProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| prst_hdr_name | Prst hdr name Header name for custom header persistence. |
string |
ALBHealthMonitor (schema)
HealthMonitor
Advanced load balancer HealthMonitor object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allow_duplicate_monitors | Allow duplicate monitors By default, multiple instances of the same healthmonitor to the same server are suppressed intelligently. In rare cases, the monitor may have specific constructs that go beyond the server keys (ip, port, etc.) during which such suppression is not desired. Use this knob to allow duplicates. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. |
boolean | |
| authentication | Authentication Authentication information for username/password. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHealthMonitorAuthInfo | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| disable_quickstart | Disable quickstart During addition of a server or healthmonitors or during bootup, Avi performs sequential health checks rather than waiting for send-interval to kick in, to mark the server up as soon as possible. This knob may be used to turn this feature off. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. |
boolean | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_monitor | Dns monitor Placeholder for description of property dns_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorDNS | |
| external_monitor | External monitor Placeholder for description of property external_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorExternal | |
| failed_checks | Failed checks Number of continuous failed health checks before the server is marked down. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 1 Maximum: 50 Default: "2" |
| http_monitor | Http monitor Placeholder for description of property http_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorHttp | |
| https_monitor | Https monitor Placeholder for description of property https_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorHttp | |
| id | Unique identifier of this resource | string | Sortable |
| imap_monitor | Imap monitor Health monitor for IMAP. |
ALBHealthMonitorImap | |
| imaps_monitor | Imaps monitor Health monitor for IMAPS. |
ALBHealthMonitorImap | |
| is_federated | Is federated This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| monitor_port | Monitor port Use this port instead of the port defined for the server in the Pool. If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the Pool. Allowed values are 1-65535. Special values are 0 - 'Use server port'. |
integer | Minimum: 0 Maximum: 65535 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| pop3_monitor | Pop3 monitor Health monitor for POP3. |
ALBHealthMonitorPop3 | |
| pop3s_monitor | Pop3s monitor Health monitor for POP3S. |
ALBHealthMonitorPop3 | |
| radius_monitor | Radius monitor Health monitor for Radius. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHealthMonitorRadius | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| receive_timeout | Receive timeout A valid response from the server is expected within the receive timeout window. This timeout must be less than the send interval. If server status is regularly flapping up and down, consider increasing this value. Allowed values are 1-2400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 4. |
integer | Minimum: 1 Maximum: 2400 Default: "4" |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBHealthMonitor | string | |
| send_interval | Send interval Frequency, in seconds, that monitors are sent to a server. Allowed values are 1-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Minimum: 1 Maximum: 3600 Default: "10" |
| sip_monitor | Sip monitor Health monitor for SIP. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHealthMonitorSIP | |
| smtp_monitor | Smtp monitor Health monitor for SMTP. |
ALBHealthMonitorSmtp | |
| smtps_monitor | Smtps monitor Health monitor for SMTPS. |
ALBHealthMonitorSmtp | |
| successful_checks | Successful checks Number of continuous successful health checks before server is marked up. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 1 Maximum: 50 Default: "2" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_monitor | Tcp monitor Placeholder for description of property tcp_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorTcp | |
| type | Type Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS. Allowed in Basic(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP,HEALTH_MONITOR_HTTP,HEALTH_MONITOR_HTTPS) edition, Essentials(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP) edition, Enterprise edition. |
ALBHealthMonitorType | Required |
| udp_monitor | Udp monitor Placeholder for description of property udp_monitor of obj type HealthMonitor field type str type ref. |
ALBHealthMonitorUdp | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBHealthMonitorApiResponse (schema)
HealthMonitorApiResponse
HealthMonitorApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of HealthMonitor Array of HealthMonitor |
array of ALBHealthMonitor | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBHealthMonitorAuthInfo (schema)
HealthMonitorAuthInfo
Advanced load balancer HealthMonitorAuthInfo object
| Name | Description | Type | Notes |
|---|---|---|---|
| password | Password Password for server authentication. |
string | Required |
| username | Username Username for server authentication. |
string | Required |
ALBHealthMonitorAuthType (schema)
HealthMonitorAuthType type
Valid ENUM values for ALBHealthMonitorAuthType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHealthMonitorAuthType | HealthMonitorAuthType type Valid ENUM values for ALBHealthMonitorAuthType |
string | Enum: AUTH_BASIC, AUTH_NTLM |
ALBHealthMonitorDNS (schema)
HealthMonitorDNS
Advanced load balancer HealthMonitorDNS object
| Name | Description | Type | Notes |
|---|---|---|---|
| qtype | Qtype Query_Type Response has atleast one answer of which the resource record type matches the query type Any_Type Response should contain atleast one answer AnyThing An empty answer is enough. Enum options - DNS_QUERY_TYPE, DNS_ANY_TYPE, DNS_ANY_THING. Default value when not specified in API or module is interpreted by ALB Controller as DNS_QUERY_TYPE. |
ALBHealthMonitorDNSQueryType | Default: "DNS_QUERY_TYPE" |
| query_name | Query name The DNS monitor will query the DNS server for the fully qualified name in this field. |
string | Required |
| rcode | Rcode When No Error is selected, a DNS query will be marked failed is any error code is returned by the server. With Any selected, the monitor ignores error code in the responses. Enum options - RCODE_NO_ERROR, RCODE_ANYTHING. Default value when not specified in API or module is interpreted by ALB Controller as RCODE_NO_ERROR. |
ALBHealthMonitorDNSRcode | Default: "RCODE_NO_ERROR" |
| record_type | Record type Resource record type used in the healthmonitor DNS query, only A or AAAA type supported. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A. |
ALBDnsRecordType | Default: "DNS_RECORD_A" |
| response_string | Response string The resource record of the queried DNS server's response for the Request Name must include the IP address defined in this field. |
string |
ALBHealthMonitorDNSQueryType (schema)
HealthMonitorDNSQueryType type
Valid ENUM values for ALBHealthMonitorDNSQueryType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHealthMonitorDNSQueryType | HealthMonitorDNSQueryType type Valid ENUM values for ALBHealthMonitorDNSQueryType |
string | Enum: DNS_QUERY_TYPE, DNS_ANY_TYPE, DNS_ANY_THING |
ALBHealthMonitorDNSRcode (schema)
HealthMonitorDNSRcode type
Valid ENUM values for ALBHealthMonitorDNSRcode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHealthMonitorDNSRcode | HealthMonitorDNSRcode type Valid ENUM values for ALBHealthMonitorDNSRcode |
string | Enum: RCODE_NO_ERROR, RCODE_ANYTHING |
ALBHealthMonitorExternal (schema)
HealthMonitorExternal
Advanced load balancer HealthMonitorExternal object
| Name | Description | Type | Notes |
|---|---|---|---|
| command_code | Command code Command script provided inline. |
string | Required |
| command_parameters | Command parameters Optional arguments to feed into the script. |
string | |
| command_path | Command path Path of external health monitor script. |
string | |
| command_variables | Command variables Environment variables to be fed into the script. |
string |
ALBHealthMonitorHttp (schema)
HealthMonitorHttp
Advanced load balancer HealthMonitorHttp object
| Name | Description | Type | Notes |
|---|---|---|---|
| auth_type | Auth type Type of the authentication method. Enum options - AUTH_BASIC, AUTH_NTLM. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBHealthMonitorAuthType | |
| exact_http_request | Exact http request Use the exact http_request string as specified by user, without any automatic insert of headers like Host header. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| http_request | Http request Send an HTTP request to the server. The default GET / HTTP/1.0 may be extended with additional headers or information. For instance, GET /index.htm HTTP/1.1 Host www.site.com Connection Close. Default value when not specified in API or module is interpreted by ALB Controller as GET / HTTP/1.0. |
string | Default: "GET / HTTP/1.0" |
| http_request_body | Http request body HTTP request body. |
string | |
| http_response | Http response Match for a keyword in the first 2Kb of the server header and body response. |
string | |
| http_response_code | Http response code List of HTTP response codes to match as successful. Default is 2xx. Enum options - HTTP_ANY, HTTP_1XX, HTTP_2XX, HTTP_3XX, HTTP_4XX, HTTP_5XX. Minimum of 1 items required. |
array of ALBHttpResponseCode | Required |
| maintenance_code | Maintenance code Match or look for this HTTP response code indicating server maintenance. A successful match results in the server being marked down. Allowed values are 101-599. Maximum of 4 items allowed. |
array of integer | |
| maintenance_response | Maintenance response Match or look for this keyword in the first 2KB of server header and body response indicating server maintenance. A successful match results in the server being marked down. |
string | |
| response_size | Response size Expected http/https response page size. Allowed values are 2048-16384. |
integer | Minimum: 2048 Maximum: 16384 |
| ssl_attributes | Ssl attributes SSL attributes for HTTPS health monitor. |
ALBHealthMonitorSSLAttributes |
ALBHealthMonitorImap (schema)
HealthMonitorImap
Advanced load balancer HealthMonitorImap object
| Name | Description | Type | Notes |
|---|---|---|---|
| folder | Folder Folder to access. |
string | |
| ssl_attributes | Ssl attributes SSL attributes for IMAPS monitor. |
ALBHealthMonitorSSLAttributes |
ALBHealthMonitorPop3 (schema)
HealthMonitorPop3
Advanced load balancer HealthMonitorPop3 object
| Name | Description | Type | Notes |
|---|---|---|---|
| ssl_attributes | Ssl attributes SSL attributes for POP3S monitor. |
ALBHealthMonitorSSLAttributes |
ALBHealthMonitorRadius (schema)
HealthMonitorRadius
Advanced load balancer HealthMonitorRadius object
| Name | Description | Type | Notes |
|---|---|---|---|
| password | Password Radius monitor will query Radius server with this password. |
string | Required |
| shared_secret | Shared secret Radius monitor will query Radius server with this shared secret. |
string | Required |
| username | Username Radius monitor will query Radius server with this username. |
string | Required |
ALBHealthMonitorSIP (schema)
HealthMonitorSIP
Advanced load balancer HealthMonitorSIP object
| Name | Description | Type | Notes |
|---|---|---|---|
| sip_monitor_transport | Sip monitor transport Specify the transport protocol TCP or UDP, to be used for SIP health monitor. The default transport is UDP. Enum options - SIP_UDP_PROTO, SIP_TCP_PROTO. Default value when not specified in API or module is interpreted by ALB Controller as SIP_UDP_PROTO. |
ALBSipMonTransport | Default: "SIP_UDP_PROTO" |
| sip_request_code | Sip request code Specify the SIP request to be sent to the server. By default, SIP OPTIONS request will be sent. Enum options - SIP_OPTIONS. Default value when not specified in API or module is interpreted by ALB Controller as SIP_OPTIONS. |
ALBSipRequestCode | Default: "SIP_OPTIONS" |
| sip_response | Sip response Match for a keyword in the first 2KB of the server header and body response. By default, it matches for SIP/2.0. Default value when not specified in API or module is interpreted by ALB Controller as SIP/2.0. |
string | Default: "SIP/2.0" |
ALBHealthMonitorSSLAttributes (schema)
HealthMonitorSSLAttributes
Advanced load balancer HealthMonitorSSLAttributes object
| Name | Description | Type | Notes |
|---|---|---|---|
| pki_profile_path | Pki profile path PKI profile used to validate the SSL certificate presented by a server. It is a reference to an object of type PKIProfile. |
string | |
| server_name | Server name Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections indicating SNI is enabled. |
string | |
| ssl_key_and_certificate_path | Ssl key and certificate path Service engines will present this SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate. |
string | |
| ssl_profile_path | Ssl profile path SSL profile defines ciphers and SSL versions to be used for healthmonitor traffic to the back-end servers. It is a reference to an object of type SSLProfile. |
string | Required |
ALBHealthMonitorSmtp (schema)
HealthMonitorSmtp
Advanced load balancer HealthMonitorSmtp object
| Name | Description | Type | Notes |
|---|---|---|---|
| domainname | Domainname Sender domain name. |
string | |
| mail_data | Mail data Mail data. |
string | |
| recipients_ids | Recipients ids Mail recipients. |
array of string | |
| sender_id | Sender id Mail sender. |
string | |
| ssl_attributes | Ssl attributes SSL attributes for SMTPS monitor. |
ALBHealthMonitorSSLAttributes |
ALBHealthMonitorTcp (schema)
HealthMonitorTcp
Advanced load balancer HealthMonitorTcp object
| Name | Description | Type | Notes |
|---|---|---|---|
| maintenance_response | Maintenance response Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down. |
string | |
| tcp_half_open | Tcp half open Configure TCP health monitor to use half-open TCP connections to monitor the health of backend servers thereby avoiding consumption of a full fledged server side connection and the overhead and logs associated with it. This method is light-weight as it makes use of listener in server's kernel layer to measure the health and a child socket or user thread is not created on the server side. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| tcp_request | Tcp request Request data to send after completing the TCP handshake. |
string | |
| tcp_response | Tcp response Match for the desired keyword in the first 2Kb of the server's TCP response. If this field is left blank, no server response is required. |
string |
ALBHealthMonitorType (schema)
HealthMonitorType type
Valid ENUM values for ALBHealthMonitorType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHealthMonitorType | HealthMonitorType type Valid ENUM values for ALBHealthMonitorType |
string | Enum: HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS |
ALBHealthMonitorUdp (schema)
HealthMonitorUdp
Advanced load balancer HealthMonitorUdp object
| Name | Description | Type | Notes |
|---|---|---|---|
| maintenance_response | Maintenance response Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down. |
string | |
| udp_request | Udp request Send UDP request. |
string | |
| udp_response | Udp response Match for keyword in the UDP response. |
string |
ALBHostHdrMatch (schema)
HostHdrMatch
Advanced load balancer HostHdrMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for the host header value match. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. |
ALBHdrMatchOperation | Required |
| value | Value String value(s) in the host header. |
array of string |
ALBHttpCacheConfig (schema)
HttpCacheConfig
Advanced load balancer HttpCacheConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| age_header | Age header Add an Age header to content served from cache, which indicates to the client the number of seconds the object has been in the cache. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| aggressive | Aggressive Enable/disable caching objects without Cache-Control headers. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| date_header | Date header If a Date header was not added by the server, add a Date header to the object served from cache. This indicates to the client when the object was originally sent by the server to the cache. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| default_expire | Default expire Default expiration time of cache objects received from the server without a Cache-Control expiration header. This value may be overwritten by the Heuristic Expire setting. Default value when not specified in API or module is interpreted by ALB Controller as 600. |
integer | Default: "600" |
| enabled | Enabled Enable/disable HTTP object caching.When enabling caching for the first time, SE Group app_cache_percent must be set to allocate shared memory required for caching (A service engine restart is needed after setting/resetting the SE group value). Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| heuristic_expire | Heuristic expire If a response object from the server does not include the Cache-Control header, but does include a Last-Modified header, the system will use this time to calculate the Cache-Control expiration. If unable to solicit an Last-Modified header, then the system will fall back to the Cache Expire Time value. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| ignore_request_cache_control | Ignore request cache control Ignore client's cache control headers when fetching or storing from and to the cache. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| max_cache_size | Max cache size Max size, in bytes, of the cache. The default, zero, indicates auto configuration. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| max_object_size | Max object size Maximum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 4194304. |
integer | Default: "4194304" |
| mime_types_block_group_paths | Mime types block group paths Blocklist string group of non-cacheable mime types. It is a reference to an object of type StringGroup. |
array of string | |
| mime_types_block_lists | Mime types block lists Blocklist of non-cacheable mime types. |
array of string | |
| mime_types_group_paths | Mime types group paths Allowlist string group of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR). It is a reference to an object of type StringGroup. |
array of string | |
| mime_types_list | Mime types list Allowlist of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR). |
array of string | |
| min_object_size | Min object size Minimum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Default: "100" |
| query_cacheable | Query cacheable Allow caching of objects whose URI included a query argument. When disabled, these objects are not cached. When enabled, the request must match the URI query to be considered a hit. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| uri_non_cacheable | Uri non cacheable Non-cacheable URI configuration with match criteria. |
ALBPathMatch | |
| xcache_header | Xcache header Add an X-Cache header to content served from cache, which indicates to the client that the object was served from an intermediate cache. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBHttpCookiePersistenceKey (schema)
HttpCookiePersistenceKey
Advanced load balancer HttpCookiePersistenceKey object
| Name | Description | Type | Notes |
|---|---|---|---|
| aes_key | Aes key aes_key of HttpCookiePersistenceKey. |
string | |
| hmac_key | Hmac key hmac_key of HttpCookiePersistenceKey. |
string | |
| name | Name name to use for cookie encryption. |
string |
ALBHttpCookiePersistenceProfile (schema)
HttpCookiePersistenceProfile
Advanced load balancer HttpCookiePersistenceProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| always_send_cookie | Always send cookie If no persistence cookie was received from the client, always send it. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| cookie_name | Cookie name HTTP cookie name for cookie persistence. |
string | |
| encryption_key | Encryption key Key name to use for cookie encryption. |
string | |
| key | Key Placeholder for description of property key of obj type HttpCookiePersistenceProfile field type str type array. |
array of ALBHttpCookiePersistenceKey | |
| timeout | Timeout The maximum lifetime of any session cookie. No value or 'zero' indicates no timeout. Allowed values are 1-14400. Special values are 0- 'No Timeout'. Unit is MIN. |
integer | Minimum: 0 Maximum: 14400 |
ALBHttpReselectRespCodeBlock (schema)
HttpReselectRespCodeBlock type
Valid ENUM values for ALBHttpReselectRespCodeBlock
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHttpReselectRespCodeBlock | HttpReselectRespCodeBlock type Valid ENUM values for ALBHttpReselectRespCodeBlock |
string | Enum: HTTP_RSP_4XX, HTTP_RSP_5XX |
ALBHttpResponseCode (schema)
HttpResponseCode type
Valid ENUM values for ALBHttpResponseCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHttpResponseCode | HttpResponseCode type Valid ENUM values for ALBHttpResponseCode |
string | Enum: HTTP_ANY, HTTP_1XX, HTTP_2XX, HTTP_3XX, HTTP_4XX, HTTP_5XX |
ALBIPNetworkSubnet (schema)
IPNetworkSubnet
Advanced load balancer IPNetworkSubnet object
| Name | Description | Type | Notes |
|---|---|---|---|
| network_name | Network name Network for VirtualService IP allocation with Vantage as the IPAM provider. Network should be created before this is configured. It is a reference to an object of type Network. |
string | |
| subnet | Subnet Subnet for VirtualService IP allocation with Vantage or Infoblox as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. |
ALBIpAddrPrefix | |
| subnet6 | Subnet6 Subnet for VirtualService IPv6 allocation with Vantage or Infoblox as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBIpAddrPrefix | |
| subnet6_uuid | Subnet6 uuid Subnet UUID or Name or Prefix for VirtualService IPv6 allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| subnet_uuid | Subnet uuid Subnet UUID or Name or Prefix for VirtualService IP allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. |
string |
ALBIPPersistenceProfile (schema)
IPPersistenceProfile
Advanced load balancer IPPersistenceProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_mask | Ip mask Mask to be applied on client IP. This may be used to persist clients from a subnet to the same server. When set to 0, all requests are sent to the same server. Allowed values are 0-128. Allowed in Basic edition, Essentials edition, Enterprise edition. |
integer | Minimum: 0 Maximum: 128 |
| ip_persistent_timeout | Ip persistent timeout The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 5. |
integer | Minimum: 1 Maximum: 720 Default: "5" |
ALBIdleConnectionType (schema)
IdleConnectionType type
Valid ENUM values for ALBIdleConnectionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBIdleConnectionType | IdleConnectionType type Valid ENUM values for ALBIdleConnectionType |
string | Enum: KEEP_ALIVE, CLOSE_IDLE |
ALBIpAddr (schema)
IpAddr
Advanced load balancer IpAddr object
| Name | Description | Type | Notes |
|---|---|---|---|
| addr | Addr IP address. |
string | Required |
| type | Type Enum options - V4, DNS, V6. |
ALBIpAddrType | Required |
ALBIpAddrGroup (schema)
IpAddrGroup
Advanced load balancer IpAddrGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| addrs | Addrs Configure IP address(es). |
array of ALBIpAddr | |
| apic_epg_name | Apic epg name Populate IP addresses from members of this Cisco APIC EPG. |
string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| country_codes | Country codes Populate the IP address ranges from the geo database for this country. |
array of string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_ports | Ip ports Configure (IP address, port) tuple(s). |
array of ALBIpAddrPort | |
| marathon_app_name | Marathon app name Populate IP addresses from tasks of this Marathon app. |
string | |
| marathon_service_port | Marathon service port Task port associated with marathon service port. If Marathon app has multiple service ports, this is required. Else, the first task port is used. |
integer | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| prefixes | Prefixes Configure IP address prefix(es). |
array of ALBIpAddrPrefix | |
| ranges | Ranges Configure IP address range(s). |
array of ALBIpAddrRange | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBIpAddrGroup | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBIpAddrGroupApiResponse (schema)
IpAddrGroupApiResponse
IpAddrGroupApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of IpAddrGroup Array of IpAddrGroup |
array of ALBIpAddrGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBIpAddrMatch (schema)
IpAddrMatch
Advanced load balancer IpAddrMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| addrs | Addrs IP address(es). |
array of ALBIpAddr | |
| group_paths | Group paths path of IP address group(s). It is a reference to an object of type IpAddrGroup. |
array of string | |
| match_criteria | Match criteria Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| prefixes | Prefixes IP address prefix(es). |
array of ALBIpAddrPrefix | |
| ranges | Ranges IP address range(s). |
array of ALBIpAddrRange |
ALBIpAddrPort (schema)
IpAddrPort
Advanced load balancer IpAddrPort object
| Name | Description | Type | Notes |
|---|---|---|---|
| hostname | Hostname Hostname of server. One of IP address or hostname should be set. |
string | |
| ip | Ip IP Address of host. One of IP address or hostname should be set. |
ALBIpAddr | |
| name | Name Name of the object. |
string | |
| port | Port Port number of server. Allowed values are 1-65535. |
integer | Required Minimum: 1 Maximum: 65535 |
ALBIpAddrPrefix (schema)
IpAddrPrefix
Advanced load balancer IpAddrPrefix object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_addr | Ip addr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type ref. |
ALBIpAddr | Required |
| mask | Mask Number of mask. |
integer | Required |
ALBIpAddrRange (schema)
IpAddrRange
Advanced load balancer IpAddrRange object
| Name | Description | Type | Notes |
|---|---|---|---|
| begin | Begin Starting IP address of the range. |
ALBIpAddr | Required |
| end | End Ending IP address of the range. |
ALBIpAddr | Required |
ALBIpAddrType (schema)
IpAddrType type
Valid ENUM values for ALBIpAddrType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBIpAddrType | IpAddrType type Valid ENUM values for ALBIpAddrType |
string | Enum: V4, DNS, V6 |
ALBIpAddressVersions (schema)
IpAddressVersions type
Valid ENUM values for ALBIpAddressVersions
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBIpAddressVersions | IpAddressVersions type Valid ENUM values for ALBIpAddressVersions |
string | Enum: V4_ONLY, V6_ONLY, V4_V6 |
ALBKeyValue (schema)
KeyValue
Advanced load balancer KeyValue object
| Name | Description | Type | Notes |
|---|---|---|---|
| key | Key Key. |
string | Required |
| value | Value Value. |
string |
ALBL4ConnectionPolicy (schema)
L4ConnectionPolicy
Advanced load balancer L4ConnectionPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| rules | Rules Rules to apply when a new transport connection is setup. |
array of ALBL4Rule |
ALBL4Policies (schema)
L4Policies
Advanced load balancer L4Policies object
| Name | Description | Type | Notes |
|---|---|---|---|
| index | Index Index of the virtual service L4 policy set. |
integer | Required |
| l4_policy_set_path | L4 policy set path ID of the virtual service L4 policy set. It is a reference to an object of type L4PolicySet. |
string | Required |
ALBL4PolicySet (schema)
L4PolicySet
Advanced load balancer L4PolicySet object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| created_by | Created by Creator name. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_internal_policy | Is internal policy Placeholder for description of property is_internal_policy of obj type L4PolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| l4_connection_policy | L4 connection policy Policy to apply when a new transport connection is setup. |
ALBL4ConnectionPolicy | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBL4PolicySet | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBL4PolicySetApiResponse (schema)
L4PolicySetApiResponse
L4PolicySetApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of L4PolicySet Array of L4PolicySet |
array of ALBL4PolicySet | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBL4Rule (schema)
L4Rule
Advanced load balancer L4Rule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action to be performed upon successful rule match. |
ALBL4RuleAction | |
| enable | Enable Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| index | Index Index of the rule. |
integer | Required |
| match | Match Match criteria of the rule. |
ALBL4RuleMatchTarget | |
| name | Name Name of the rule. |
string | Required |
ALBL4RuleAction (schema)
L4RuleAction
Advanced load balancer L4RuleAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| select_pool | Select pool Indicates pool or pool-group selection on rule match. |
ALBL4RuleActionSelectPool |
ALBL4RuleActionSelectPool (schema)
L4RuleActionSelectPool
Advanced load balancer L4RuleActionSelectPool object
| Name | Description | Type | Notes |
|---|---|---|---|
| action_type | Action type Indicates action to take on rule match. Enum options - L4_RULE_ACTION_SELECT_POOL, L4_RULE_ACTION_SELECT_POOLGROUP. Allowed in Basic(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Essentials(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Enterprise edition. |
ALBL4RuleActionSelectPoolType | Required |
| pool_group_path | Pool group path ID of the pool group to serve the request. It is a reference to an object of type PoolGroup. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| pool_path | Pool path ID of the pool of servers to serve the request. It is a reference to an object of type Pool. |
string |
ALBL4RuleActionSelectPoolType (schema)
L4RuleActionSelectPoolType type
Valid ENUM values for ALBL4RuleActionSelectPoolType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBL4RuleActionSelectPoolType | L4RuleActionSelectPoolType type Valid ENUM values for ALBL4RuleActionSelectPoolType |
string | Enum: L4_RULE_ACTION_SELECT_POOL, L4_RULE_ACTION_SELECT_POOLGROUP |
ALBL4RuleMatchTarget (schema)
L4RuleMatchTarget
Advanced load balancer L4RuleMatchTarget object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip IP addresses to match against client IP. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBIpAddrMatch | |
| port | Port Port number to match against Virtual Service listner port. |
ALBL4RulePortMatch | |
| protocol | Protocol TCP/UDP/ICMP protocol to match against transport protocol. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBL4RuleProtocolMatch |
ALBL4RulePortMatch (schema)
L4RulePortMatch
Advanced load balancer L4RulePortMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for Virtual Service port matching. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| port_ranges | Port ranges Range of TCP/UDP port numbers of the Virtual Service. |
array of ALBPortRange | |
| ports | Ports Virtual Service's listening port(s). Allowed values are 1-65535. |
array of integer |
ALBL4RuleProtocolMatch (schema)
L4RuleProtocolMatch
Advanced load balancer L4RuleProtocolMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for transport protocol matching. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| protocol | Protocol Transport protocol to match. Enum options - PROTOCOL_ICMP, PROTOCOL_TCP, PROTOCOL_UDP. |
ALBProtocol | Required |
ALBLbAlgorithm (schema)
LbAlgorithm type
Valid ENUM values for ALBLbAlgorithm
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLbAlgorithm | LbAlgorithm type Valid ENUM values for ALBLbAlgorithm |
string | Enum: LB_ALGORITHM_LEAST_CONNECTIONS, LB_ALGORITHM_ROUND_ROBIN, LB_ALGORITHM_FASTEST_RESPONSE, LB_ALGORITHM_CONSISTENT_HASH, LB_ALGORITHM_LEAST_LOAD, LB_ALGORITHM_FEWEST_SERVERS, LB_ALGORITHM_RANDOM, LB_ALGORITHM_FEWEST_TASKS, LB_ALGORITHM_NEAREST_SERVER, LB_ALGORITHM_CORE_AFFINITY, LB_ALGORITHM_TOPOLOGY |
ALBLbAlgorithmConsistentHash (schema)
LbAlgorithmConsistentHash type
Valid ENUM values for ALBLbAlgorithmConsistentHash
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLbAlgorithmConsistentHash | LbAlgorithmConsistentHash type Valid ENUM values for ALBLbAlgorithmConsistentHash |
string | Enum: LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS, LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT, LB_ALGORITHM_CONSISTENT_HASH_URI, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING, LB_ALGORITHM_CONSISTENT_HASH_CALLID |
ALBLdapAuthSettings (schema)
LdapAuthSettings
Advanced load balancer LdapAuthSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| base_dn | Base dn The LDAP base DN. For example, avinetworks.com would be DC=avinetworks,DC=com. |
string | |
| bind_as_administrator | Bind as administrator LDAP administrator credentials are used to search for users and group memberships. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| email_attribute | Email attribute LDAP attribute that refers to user email. Default value when not specified in API or module is interpreted by ALB Controller as email. |
string | Default: "email" |
| full_name_attribute | Full name attribute LDAP attribute that refers to user's full name. Default value when not specified in API or module is interpreted by ALB Controller as name. |
string | Default: "name" |
| port | Port Query the LDAP servers on this port. Default value when not specified in API or module is interpreted by ALB Controller as 389. |
integer | Default: "389" |
| security_mode | Security mode LDAP connection security mode. Enum options - AUTH_LDAP_SECURE_NONE, AUTH_LDAP_SECURE_USE_LDAPS. |
ALBAuthLdapSecurityMode | |
| server | Server LDAP server IP address or Hostname. Use IP address if an auth profile is used to configure Virtual Service. Minimum of 1 items required. |
array of string | Required |
| settings | Settings LDAP full directory configuration with administrator credentials. |
ALBLdapDirectorySettings | |
| user_bind | User bind LDAP anonymous bind configuration. |
ALBLdapUserBindSettings |
ALBLdapDirectorySettings (schema)
LdapDirectorySettings
Advanced load balancer LdapDirectorySettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| admin_bind_dn | Admin bind dn LDAP Admin User DN. Administrator credentials are required to search for users under user search DN or groups under group search DN. |
string | |
| group_filter | Group filter Group filter is used to identify groups during search. Default value when not specified in API or module is interpreted by ALB Controller as (objectClass=(STAR)). |
string | Default: "(objectClass=*)" |
| group_member_attribute | Group member attribute LDAP group attribute that identifies each of the group members. Default value when not specified in API or module is interpreted by ALB Controller as member. |
string | Default: "member" |
| group_member_is_full_dn | Group member is full dn Group member entries contain full DNs instead of just user id attribute values. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| group_search_dn | Group search dn LDAP group search DN is the root of search for a given group in the LDAP directory. Only matching groups present in this LDAP directory sub-tree will be checked for user membership. |
string | |
| group_search_scope | Group search scope LDAP group search scope defines how deep to search for the group starting from the group search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_SUBTREE. |
ALBAuthLdapSearchScope | Default: "AUTH_LDAP_SCOPE_SUBTREE" |
| ignore_referrals | Ignore referrals During user or group search, ignore searching referrals. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| password | Password LDAP Admin User Password. |
string | |
| user_attributes | User attributes LDAP user attributes to fetch on a successful user bind. |
array of string | |
| user_id_attribute | User id attribute LDAP user id attribute is the login attribute that uniquely identifies a single user record. |
string | |
| user_search_dn | User search dn LDAP user search DN is the root of search for a given user in the LDAP directory. Only user records present in this LDAP directory sub-tree will be validated. |
string | |
| user_search_scope | User search scope LDAP user search scope defines how deep to search for the user starting from user search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_ONE. |
ALBAuthLdapSearchScope | Default: "AUTH_LDAP_SCOPE_ONE" |
ALBLdapUserBindSettings (schema)
LdapUserBindSettings
Advanced load balancer LdapUserBindSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| dn_template | Dn template LDAP user DN pattern is used to bind LDAP user after replacing the user token with real username. |
string | |
| token | Token LDAP token is replaced with real user name in the user DN pattern. Default value when not specified in API or module is interpreted by ALB Controller as |
string | Default: " |
| user_attributes | User attributes LDAP user attributes to fetch on a successful user bind. |
array of string | |
| user_id_attribute | User id attribute LDAP user id attribute is the login attribute that uniquely identifies a single user record. |
string |
ALBLocationHdrMatch (schema)
LocationHdrMatch
Advanced load balancer LocationHdrMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for matching location header value in the HTTP response. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. |
ALBHdrMatchOperation | Required |
| value | Value String value(s) in the location header. |
array of string |
ALBLogAction (schema)
LogAction type
Valid ENUM values for ALBLogAction
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLogAction | LogAction type Valid ENUM values for ALBLogAction |
string | Enum: LOG_FIELD_REMOVE, LOG_FIELD_MASKOFF |
ALBLogStreamingFormatType (schema)
LogStreamingFormatType type
Valid ENUM values for ALBLogStreamingFormatType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLogStreamingFormatType | LogStreamingFormatType type Valid ENUM values for ALBLogStreamingFormatType |
string | Enum: LOG_STREAMING_FORMAT_JSON_FULL, LOG_STREAMING_FORMAT_JSON_SELECTED |
ALBLogsProcessingType (schema)
LogsProcessingType type
Valid ENUM values for ALBLogsProcessingType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLogsProcessingType | LogsProcessingType type Valid ENUM values for ALBLogsProcessingType |
string | Enum: LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND |
ALBLogsType (schema)
LogsType type
Valid ENUM values for ALBLogsType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBLogsType | LogsType type Valid ENUM values for ALBLogsType |
string | Enum: LOGS_SIGNIFICANT_ONLY, LOGS_UDF_ONLY, LOGS_UDF_SIGNIFICANT, LOGS_ALL |
ALBMatchCase (schema)
MatchCase type
Valid ENUM values for ALBMatchCase
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBMatchCase | MatchCase type Valid ENUM values for ALBMatchCase |
string | Enum: SENSITIVE, INSENSITIVE |
ALBMatchOperation (schema)
MatchOperation type
Valid ENUM values for ALBMatchOperation
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBMatchOperation | MatchOperation type Valid ENUM values for ALBMatchOperation |
string | Enum: IS_IN, IS_NOT_IN |
ALBMatchReplacePair (schema)
MatchReplacePair
Advanced load balancer MatchReplacePair object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_string | Match string String to be matched. |
string | Required |
| replacement_string | Replacement string Replacement string. |
ALBReplaceStringVar |
ALBMatchTarget (schema)
MatchTarget
Advanced load balancer MatchTarget object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip Configure client ip addresses. |
ALBIpAddrMatch | |
| cookie | Cookie Configure HTTP cookie(s). |
ALBCookieMatch | |
| hdrs | Hdrs Configure HTTP header(s). |
array of ALBHdrMatch | |
| host_hdr | Host hdr Configure the host header. |
ALBHostHdrMatch | |
| method | Method Configure HTTP methods. |
ALBMethodMatch | |
| path | Path Configure request paths. |
ALBPathMatch | |
| protocol | Protocol Configure the type of HTTP protocol. |
ALBProtocolMatch | |
| query | Query Configure request query. |
ALBQueryMatch | |
| version | Version Configure versions of the HTTP protocol. |
ALBHTTPVersionMatch | |
| vs_port | Vs port Configure virtual service ports. |
ALBPortMatch |
ALBMethodMatch (schema)
MethodMatch
Advanced load balancer MethodMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for HTTP method matching the method in the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| methods | Methods Configure HTTP method(s). Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. Minimum of 1 items required. Maximum of 16 items allowed. Allowed in Basic(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Essentials(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Enterprise edition. |
array of ALBHTTPMethod | Required |
ALBMetricsRealTimeUpdate (schema)
MetricsRealTimeUpdate
Advanced load balancer MetricsRealTimeUpdate object
| Name | Description | Type | Notes |
|---|---|---|---|
| duration | Duration Real time metrics collection duration in minutes. 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. |
integer | Default: "30" |
| enabled | Enabled Enables real time metrics collection. When deactivated, 6 hour view is the most granular the system will track. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Required Default: "False" |
ALBMicroServiceMatch (schema)
MicroServiceMatch
Advanced load balancer MicroServiceMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for Micro Service matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
ALBNetworkFilter (schema)
NetworkFilter
Advanced load balancer NetworkFilter object
| Name | Description | Type | Notes |
|---|---|---|---|
| server_filter | Server filter server_filter of NetworkFilter. |
string |
ALBNetworkProfile (schema)
NetworkProfile
Advanced load balancer NetworkProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| connection_mirror | Connection mirror When enabled, Avi mirrors all TCP fastpath connections to standby. Applicable only in Legacy HA Mode. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profile | Profile Placeholder for description of property profile of obj type NetworkProfile field type str type ref. |
ALBNetworkProfileUnion | Required |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBNetworkProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBNetworkProfileApiResponse (schema)
NetworkProfileApiResponse
NetworkProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of NetworkProfile Array of NetworkProfile |
array of ALBNetworkProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBNetworkProfileUnion (schema)
NetworkProfileUnion
Advanced load balancer NetworkProfileUnion object
| Name | Description | Type | Notes |
|---|---|---|---|
| tcp_fast_path_profile | Tcp fast path profile Placeholder for description of property tcp_fast_path_profile of obj type NetworkProfileUnion field type str type ref. |
ALBTCPFastPathProfile | |
| tcp_proxy_profile | Tcp proxy profile Placeholder for description of property tcp_proxy_profile of obj type NetworkProfileUnion field type str type ref. |
ALBTCPProxyProfile | |
| type | Type Configure one of either proxy or fast path profiles. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY. Allowed in Basic(Allowed values- PROTOCOL_TYPE_TCP_PROXY,PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Essentials(Allowed values- PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROTOCOL_TYPE_TCP_PROXY. |
ALBProtocolType | Required Default: "PROTOCOL_TYPE_TCP_PROXY" |
| udp_fast_path_profile | Udp fast path profile Placeholder for description of property udp_fast_path_profile of obj type NetworkProfileUnion field type str type ref. |
ALBUDPFastPathProfile | |
| udp_proxy_profile | Udp proxy profile Configure UDP Proxy network profile. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBUDPProxyProfile |
ALBNetworkSecurityMatchTarget (schema)
NetworkSecurityMatchTarget
Advanced load balancer NetworkSecurityMatchTarget object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip Placeholder for description of property client_ip of obj type NetworkSecurityMatchTarget field type str type ref. |
ALBIpAddrMatch | |
| microservice | Microservice Placeholder for description of property microservice of obj type NetworkSecurityMatchTarget field type str type ref. |
ALBMicroServiceMatch | |
| vs_port | Vs port Placeholder for description of property vs_port of obj type NetworkSecurityMatchTarget field type str type ref. |
ALBPortMatch |
ALBNetworkSecurityPolicy (schema)
NetworkSecurityPolicy
Advanced load balancer NetworkSecurityPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_config_cksum | Cloud config cksum Checksum of cloud configuration for Network Sec Policy. Internally set by cloud connector. |
string | |
| created_by | Created by Creator name. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBNetworkSecurityPolicy | string | |
| rules | Rules Placeholder for description of property rules of obj type NetworkSecurityPolicy field type str type array. |
array of ALBNetworkSecurityRule | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBNetworkSecurityPolicyActionRLParam (schema)
NetworkSecurityPolicyActionRLParam
Advanced load balancer NetworkSecurityPolicyActionRLParam object
| Name | Description | Type | Notes |
|---|---|---|---|
| burst_size | Burst size Maximum number of connections or requests or packets to be rate limited instantaneously. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Required Default: "0" |
| max_rate | Max rate Maximum number of connections or requests or packets per second. Allowed values are 1-4294967295. |
integer | Required Minimum: 1 Maximum: 4294967295 |
ALBNetworkSecurityPolicyActionType (schema)
NetworkSecurityPolicyActionType type
Valid ENUM values for ALBNetworkSecurityPolicyActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBNetworkSecurityPolicyActionType | NetworkSecurityPolicyActionType type Valid ENUM values for ALBNetworkSecurityPolicyActionType |
string | Enum: NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW, NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY, NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT |
ALBNetworkSecurityPolicyApiResponse (schema)
NetworkSecurityPolicyApiResponse
NetworkSecurityPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of NetworkSecurityPolicy Array of NetworkSecurityPolicy |
array of ALBNetworkSecurityPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBNetworkSecurityRule (schema)
NetworkSecurityRule
Advanced load balancer NetworkSecurityRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Enum options - NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW, NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY, NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT. Allowed in Basic(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Essentials(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Enterprise edition. |
ALBNetworkSecurityPolicyActionType | Required |
| age | Age Time in minutes after which rule will be deleted. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 4294967295 Default: "0" |
| created_by | Created by Creator name. |
string | |
| enable | Enable Placeholder for description of property enable of obj type NetworkSecurityRule field type str type boolean. |
boolean | Required |
| index | Index Number of index. |
integer | Required |
| log | Log Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| match | Match Placeholder for description of property match of obj type NetworkSecurityRule field type str type ref. |
ALBNetworkSecurityMatchTarget | Required |
| name | Name Name of the object. |
string | Required |
| rl_param | Rl param Placeholder for description of property rl_param of obj type NetworkSecurityRule field type str type ref. |
ALBNetworkSecurityPolicyActionRLParam |
ALBOCSPConfig (schema)
OCSPConfig
Advanced load balancer OCSPConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| failed_ocsp_jobs_retry_interval | Failed ocsp jobs retry interval Describes the Time Interval after which the next OCSP job needs to be scheduled in case of the OCSP job failures. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 3600. |
integer | Minimum: 60 Maximum: 86400 Default: "3600" |
| max_tries | Max tries Maximum number of times the failed OCSP jobs can be scheduled. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Default: "10" |
| ocsp_req_interval | Ocsp req interval Interval between the OCSP queries. Allowed values are 60-31536000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400. |
integer | Minimum: 60 Maximum: 31536000 Default: "86400" |
| ocsp_resp_timeout | Ocsp resp timeout Time in seconds that the system waits for a reply from the OCSP responder before dropping the connection. Unit is SEC. |
integer | |
| responder_url_lists | Responder url lists List of Responder URLs configured by user to do failover/override the AIA extension contained in the OCSP responder's SSL/TLS certificate. |
array of string | |
| url_action | Url action Describes the type of action to take with the Responder URLs. Enum options - OCSP_RESPONDER_URL_FAILOVER, OCSP_RESPONDER_URL_OVERRIDE. Default value when not specified in API or module is interpreted by ALB Controller as OCSP_RESPONDER_URL_FAILOVER. |
ALBOCSPResponderUrlAction | Default: "OCSP_RESPONDER_URL_FAILOVER" |
ALBOCSPResponderUrlAction (schema)
OCSPResponderUrlAction type
Valid ENUM values for ALBOCSPResponderUrlAction
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBOCSPResponderUrlAction | OCSPResponderUrlAction type Valid ENUM values for ALBOCSPResponderUrlAction |
string | Enum: OCSP_RESPONDER_URL_FAILOVER, OCSP_RESPONDER_URL_OVERRIDE |
ALBOperationMode (schema)
OperationMode type
Valid ENUM values for ALBOperationMode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBOperationMode | OperationMode type Valid ENUM values for ALBOperationMode |
string | Enum: DETECTION, MITIGATION |
ALBPGDeploymentRule (schema)
PGDeploymentRule
Advanced load balancer PGDeploymentRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| metric_id | Metric id metric_id of PGDeploymentRule. Default value when not specified in API or module is interpreted by ALB Controller as health.health_score_value. |
string | Default: "health.health_score_value" |
| operator | Operator Enum options - CO_EQ, CO_GT, CO_GE, CO_LT, CO_LE, CO_NE. Default value when not specified in API or module is interpreted by ALB Controller as CO_GE. |
ALBComparisonOperator | Default: "CO_GE" |
| threshold | Threshold metric threshold that is used as the pass fail. If it is not provided then it will simply compare it with current pool vs new pool. |
number |
ALBPKIProfile (schema)
PKIProfile
Advanced load balancer PKIProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| ca_certs | Ca certs List of Certificate Authorities (Root and Intermediate) trusted that is used for certificate validation. |
array of ALBSSLCertificate | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| created_by | Created by Creator name. |
string | |
| crl_check | Crl check When enabled, Avi will verify via CRL checks that certificates in the trust chain have not been revoked. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| crls | Crls Certificate Revocation Lists. |
array of ALBCRL | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ignore_peer_chain | Ignore peer chain When enabled, Avi will not trust Intermediate and Root certs presented by a client. Instead, only the chain certs configured in the Certificate Authority section will be used to verify trust of the client's cert. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Special default for Basic edition is true, Essentials edition is true, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| is_federated | Is federated This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBPKIProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| validate_only_leaf_crl | Validate only leaf crl When enabled, Avi will only validate the revocation status of the leaf certificate using CRL. To enable validation for the entire chain, disable this option and provide all the relevant CRLs. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBPKIProfileApiResponse (schema)
PKIProfileApiResponse
PKIProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of PKIProfile Array of PKIProfile |
array of ALBPKIProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBPathMatch (schema)
PathMatch
Advanced load balancer PathMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CONTAINS. |
ALBStringOperation | Required Default: "CONTAINS" |
| match_str | Match str String values. |
array of string | |
| string_group_paths | String group paths path of the string group(s). It is a reference to an object of type StringGroup. |
array of string |
ALBPerformanceLimits (schema)
PerformanceLimits
Advanced load balancer PerformanceLimits object
| Name | Description | Type | Notes |
|---|---|---|---|
| max_concurrent_connections | Max concurrent connections The maximum number of concurrent client conections allowed to the Virtual Service. |
integer | |
| max_throughput | Max throughput The maximum throughput per second for all clients allowed through the client side of the Virtual Service. |
integer |
ALBPersistenceProfileType (schema)
PersistenceProfileType type
Valid ENUM values for ALBPersistenceProfileType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPersistenceProfileType | PersistenceProfileType type Valid ENUM values for ALBPersistenceProfileType |
string | Enum: PERSISTENCE_TYPE_CLIENT_IP_ADDRESS, PERSISTENCE_TYPE_HTTP_COOKIE, PERSISTENCE_TYPE_TLS, PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS, PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER, PERSISTENCE_TYPE_APP_COOKIE, PERSISTENCE_TYPE_GSLB_SITE |
ALBPersistentServerHMDownRecovery (schema)
PersistentServerHMDownRecovery type
Valid ENUM values for ALBPersistentServerHMDownRecovery
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPersistentServerHMDownRecovery | PersistentServerHMDownRecovery type Valid ENUM values for ALBPersistentServerHMDownRecovery |
string | Enum: HM_DOWN_PICK_NEW_SERVER, HM_DOWN_ABORT_CONNECTION, HM_DOWN_CONTINUE_PERSISTENT_SERVER |
ALBPlacementNetwork (schema)
PlacementNetwork
Advanced load balancer PlacementNetwork object
| Name | Description | Type | Notes |
|---|---|---|---|
| network_name | Network name It is a reference to an object of type Network. |
string | Required |
| subnet | Subnet Placeholder for description of property subnet of obj type PlacementNetwork field type str type ref. |
ALBIpAddrPrefix | Required |
ALBPool (schema)
Pool
Advanced load balancer Pool object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| analytics_policy | Analytics policy Determines analytics settings for the pool. |
ALBPoolAnalyticsPolicy | |
| analytics_profile_path | Analytics profile path Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile. |
string | |
| apic_epg_name | Apic epg name Synchronize Cisco APIC EPG members with pool servers. |
string | |
| application_persistence_profile_path | Application persistence profile path Persistence will ensure the same user sticks to the same server for a desired duration of time. It is a reference to an object of type ApplicationPersistenceProfile. |
string | |
| autoscale_launch_config_path | Autoscale launch config path If configured then Avi will trigger orchestration of pool server creation and deletion. It is a reference to an object of type AutoScaleLaunchConfig. |
string | |
| autoscale_networks | Autoscale networks Network Ids for the launch configuration. |
array of string | |
| autoscale_policy_path | Autoscale policy path Reference to Server Autoscale Policy. It is a reference to an object of type ServerAutoScalePolicy. |
string | |
| capacity_estimation | Capacity estimation Inline estimation of capacity of servers. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| capacity_estimation_ttfb_thresh | Capacity estimation ttfb thresh The maximum time-to-first-byte of a server. Allowed values are 1-5000. Special values are 0 - 'Automatic'. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 5000 Default: "0" |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_config_cksum | Cloud config cksum Checksum of cloud configuration for Pool. Internally set by cloud connector. |
string | |
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| conn_pool_properties | Conn pool properties Connnection pool properties. |
ALBConnPoolProperties | |
| connection_ramp_duration | Connection ramp duration Duration for which new connections will be gradually ramped up to a server recently brought online. Useful for LB algorithms that are least connection based. Allowed values are 1-300. Special values are 0 - 'Immediate'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 10. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 300 Default: "0" |
| created_by | Created by Creator name. |
string | |
| default_server_port | Default server port Traffic sent to servers will use this destination server port unless overridden by the server's specific port attribute. The SSL checkbox enables Avi to server encryption. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 80. |
integer | Minimum: 1 Maximum: 65535 Default: "80" |
| delete_server_on_dns_refresh | Delete server on dns refresh Indicates whether existing IPs are disabled(false) or deleted(true) on dns hostname refreshDetail -- On a dns refresh, some IPs set on pool may no longer be returned by the resolver. These IPs are deleted from the pool when this knob is set to true. They are disabled, if the knob is set to false. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| domain_name | Domain name Comma separated list of domain names which will be used to verify the common names or subject alternative names presented by server certificates. It is performed only when common name check host_check_enabled is enabled. |
array of string | |
| east_west | East west Inherited config from VirtualService. |
boolean | |
| enable_http2 | Enable http2 Enable HTTP/2 for traffic from VirtualService to all backend servers in this pool. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enabled | Enabled Enable or disable the pool. Disabling will terminate all open connections and pause health monitors. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| external_autoscale_groups | External autoscale groups Names of external auto-scale groups for pool servers. Currently available only for AWS and Azure. |
array of string | |
| fail_action | Fail action Enable an action - Close Connection, HTTP Redirect or Local HTTP Response - when a pool failure happens. By default, a connection will be closed, in case the pool experiences a failure. |
ALBFailAction | |
| fewest_tasks_feedback_delay | Fewest tasks feedback delay Periodicity of feedback for fewest tasks server selection algorithm. Allowed values are 1-300. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Minimum: 1 Maximum: 300 Default: "10" |
| graceful_disable_timeout | Graceful disable timeout Used to gracefully disable a server. Virtual service waits for the specified time before terminating the existing connections to the servers that are disabled. Allowed values are 1-7200. Special values are 0 - 'Immediate', -1 - 'Infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: -1 Maximum: 7200 Default: "1" |
| group_paths | Group paths A list of NSX Groups where the Servers for the Pool are created . |
array of string | |
| gslb_sp_enabled | Gslb sp enabled Indicates if the pool is a site-persistence pool. Allowed in Basic edition, Essentials edition, Enterprise edition. |
boolean | |
| health_monitor_paths | Health monitor paths Verify server health by applying one or more health monitors. Active monitors generate synthetic traffic from each Service Engine and mark a server up or down based on the response. The Passive monitor listens only to client to server communication. It raises or lowers the ratio of traffic destined to a server based on successful responses. It is a reference to an object of type HealthMonitor. Maximum of 50 items allowed. |
array of string | |
| host_check_enabled | Host check enabled Enable common name check for server certificate. If enabled and no explicit domain name is specified, Avi will use the incoming host header to do the match. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| ignore_server_port | Ignore server port Ignore the server port in building the load balancing state.Applicable only for consistent hash load balancing algorithm or Disable Port translation (use_service_port) use cases. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| inline_health_monitor | Inline health monitor The Passive monitor will monitor client to server connections and requests and adjust traffic load to servers based on successful responses. This may alter the expected behavior of the LB method, such as Round Robin. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| ipaddrgroup_path | Ipaddrgroup path Use list of servers from Ip Address Group. It is a reference to an object of type IpAddrGroup. |
string | |
| lb_algorithm | Lb algorithm The load balancing algorithm will pick a server within the pool's list of available servers. Values LB_ALGORITHM_NEAREST_SERVER and LB_ALGORITHM_TOPOLOGY are only allowed for GSLB pool. Enum options - LB_ALGORITHM_LEAST_CONNECTIONS, LB_ALGORITHM_ROUND_ROBIN, LB_ALGORITHM_FASTEST_RESPONSE, LB_ALGORITHM_CONSISTENT_HASH, LB_ALGORITHM_LEAST_LOAD, LB_ALGORITHM_FEWEST_SERVERS, LB_ALGORITHM_RANDOM, LB_ALGORITHM_FEWEST_TASKS, LB_ALGORITHM_NEAREST_SERVER, LB_ALGORITHM_CORE_AFFINITY, LB_ALGORITHM_TOPOLOGY. Allowed in Basic(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Essentials(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_LEAST_CONNECTIONS. |
ALBLbAlgorithm | Default: "LB_ALGORITHM_LEAST_CONNECTIONS" |
| lb_algorithm_consistent_hash_hdr | Lb algorithm consistent hash hdr HTTP header name to be used for the hash key. |
string | |
| lb_algorithm_core_nonaffinity | Lb algorithm core nonaffinity Degree of non-affinity for core affinity based server selection. Allowed values are 1-65535. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 1 Maximum: 65535 Default: "2" |
| lb_algorithm_hash | Lb algorithm hash Criteria used as a key for determining the hash between the client and server. Enum options - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS, LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT, LB_ALGORITHM_CONSISTENT_HASH_URI, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING, LB_ALGORITHM_CONSISTENT_HASH_CALLID. Allowed in Basic(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Essentials(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS. |
ALBLbAlgorithmConsistentHash | Default: "LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS" |
| lookup_server_by_name | Lookup server by name Allow server lookup by name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| max_concurrent_connections_per_server | Max concurrent connections per server The maximum number of concurrent connections allowed to each server within the pool. NOTE applied value will be no less than the number of service engines that the pool is placed on. If set to 0, no limit is applied. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| max_conn_rate_per_server | Max conn rate per server Rate Limit connections to each server. |
ALBRateProfile | |
| min_health_monitors_up | Min health monitors up Minimum number of health monitors in UP state to mark server UP. Allowed in Basic edition, Essentials edition, Enterprise edition. |
integer | |
| min_servers_up | Min servers up Minimum number of servers in UP state for marking the pool UP. |
integer | |
| networks | Networks (internal-use) Networks designated as containing servers for this pool. The servers may be further narrowed down by a filter. This field is used internally by Avi, not editable by the user. |
array of ALBNetworkFilter | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| pki_profile_path | Pki profile path Avi will validate the SSL certificate present by a server against the selected PKI Profile. It is a reference to an object of type PKIProfile. |
string | |
| placement_networks | Placement networks Manually select the networks and subnets used to provide reachability to the pool's servers. Specify the Subnet using the following syntax 10-1-1-0/24. Use static routes in VRF configuration when pool servers are not directly connected but routable from the service engine. |
array of ALBPlacementNetwork | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| request_queue_depth | Request queue depth Minimum number of requests to be queued when pool is full. Allowed in Basic(Allowed values- 128) edition, Essentials(Allowed values- 128) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 128. |
integer | Default: "128" |
| request_queue_enabled | Request queue enabled Enable request queue when pool is full. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| resource_type | Must be set to the value ALBPool | string | |
| rewrite_host_header_to_server_name | Rewrite host header to server name Rewrite incoming Host Header to server name of the server to which the request is proxied. Enabling this feature rewrites Host Header for requests to all servers in the pool. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| rewrite_host_header_to_sni | Rewrite host header to sni If SNI server name is specified, rewrite incoming host header to the SNI server name. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| routing_pool | Routing pool Enable to do routing when this pool is selected to send traffic. No servers present in routing pool. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| server_name | Server name Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections if SNI is enabled. If no value is specified, Avi will use the incoming host header instead. |
string | |
| server_reselect | Server reselect Server reselect configuration for HTTP requests. |
ALBHTTPServerReselect | |
| server_timeout | Server timeout Server timeout value specifies the time within which a server connection needs to be established and a request-response exchange completes between AVI and the server. Value of 0 results in using default timeout of 60 minutes. Allowed values are 0-21600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 21600000 Default: "0" |
| servers | Servers The pool directs load balanced traffic to this list of destination servers. The servers can be configured by IP address, name, network or via IP Address Group. Maximum of 5000 items allowed. |
array of ALBServer | |
| service_metadata | Service metadata Metadata pertaining to the service provided by this Pool. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage. |
string | |
| sni_enabled | Sni enabled Enable TLS SNI for server connections. If disabled, Avi will not send the SNI extension as part of the handshake. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| ssl_key_and_certificate_path | Ssl key and certificate path Service Engines will present a client SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate. |
string | |
| ssl_profile_path | Ssl profile path When enabled, Avi re-encrypts traffic to the backend servers. The specific SSL profile defines which ciphers and SSL versions will be supported. It is a reference to an object of type SSLProfile. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tier1_path | Tier1 path This tier1_lr field should be set same as VirtualService associated for NSX-T. |
string | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| use_service_port | Use service port Do not translate the client's destination port when sending the connection to the server. The pool or servers specified service port will still be used for health monitoring. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| vrf_name | Vrf name Virtual Routing Context that the pool is bound to. This is used to provide the isolation of the set of networks the pool is attached to. The pool inherits the Virtual Routing Conext of the Virtual Service, and this field is used only internally, and is set by pb-transform. It is a reference to an object of type VrfContext. |
string |
ALBPoolAnalyticsPolicy (schema)
PoolAnalyticsPolicy
Advanced load balancer PoolAnalyticsPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable_realtime_metrics | Enable realtime metrics Enable real time metrics for server and pool metrics eg. l4_server.xxx, l7_server.xxx. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBPoolApiResponse (schema)
PoolApiResponse
PoolApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of Pool Array of Pool |
array of ALBPool | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBPoolDeploymentState (schema)
PoolDeploymentState type
Valid ENUM values for ALBPoolDeploymentState
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPoolDeploymentState | PoolDeploymentState type Valid ENUM values for ALBPoolDeploymentState |
string | Enum: EVALUATION_IN_PROGRESS, IN_SERVICE, OUT_OF_SERVICE, EVALUATION_FAILED |
ALBPoolGroup (schema)
PoolGroup
Advanced load balancer PoolGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_config_cksum | Cloud config cksum Checksum of cloud configuration for PoolGroup. Internally set by cloud connector. |
string | |
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| created_by | Created by Name of the user who created the object. |
string | |
| deactivate_primary_pool_on_down | Deactivate primary pool on down Deactivate primary pool for selection when down until it is activated by user via clear poolgroup command. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| deployment_policy_path | Deployment policy path When setup autoscale manager will automatically promote new pools into production when deployment goals are met. It is a reference to an object of type PoolGroupDeploymentPolicy. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_http2 | Enable http2 Enable HTTP/2 for traffic from VirtualService to all the backend servers in all the pools configured under this PoolGroup. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| fail_action | Fail action Enable an action - Close Connection, HTTP Redirect, or Local HTTP Response - when a pool group failure happens. By default, a connection will be closed, in case the pool group experiences a failure. |
ALBFailAction | |
| id | Unique identifier of this resource | string | Sortable |
| implicit_priority_labels | Implicit priority labels Whether an implicit set of priority labels is generated. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| members | Members List of pool group members object of type PoolGroupMember. |
array of ALBPoolGroupMember | |
| min_servers | Min servers The minimum number of servers to distribute traffic to. Allowed values are 1-65535. Special values are 0 - 'Disable'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 65535 Default: "0" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| priority_labels_path | Priority labels path path of the priority labels. If not provided, pool group member priority label will be interpreted as a number with a larger number considered higher priority. It is a reference to an object of type PriorityLabels. |
string | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBPoolGroup | string | |
| service_metadata | Service metadata Metadata pertaining to the service provided by this PoolGroup. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBPoolGroupApiResponse (schema)
PoolGroupApiResponse
PoolGroupApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of PoolGroup Array of PoolGroup |
array of ALBPoolGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBPoolGroupDeploymentPolicy (schema)
PoolGroupDeploymentPolicy
Advanced load balancer PoolGroupDeploymentPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auto_disable_old_prod_pools | Auto disable old prod pools It will automatically disable old production pools once there is a new production candidate. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| evaluation_duration | Evaluation duration Duration of evaluation period for automatic deployment. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. |
integer | Minimum: 60 Maximum: 86400 Default: "300" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBPoolGroupDeploymentPolicy | string | |
| rules | Rules Placeholder for description of property rules of obj type PoolGroupDeploymentPolicy field type str type array. |
array of ALBPGDeploymentRule | |
| scheme | Scheme deployment scheme. Enum options - BLUE_GREEN, CANARY. Default value when not specified in API or module is interpreted by ALB Controller as BLUE_GREEN. |
ALBPoolGroupDeploymentScheme | Default: "BLUE_GREEN" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_test_traffic_ratio | Target test traffic ratio Target traffic ratio before pool is made production. Allowed values are 1-100. Unit is RATIO. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Minimum: 1 Maximum: 100 Default: "100" |
| test_traffic_ratio_rampup | Test traffic ratio rampup Ratio of the traffic that is sent to the pool under test. test ratio of 100 means blue green. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100. |
integer | Minimum: 1 Maximum: 100 Default: "100" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| webhook_path | Webhook path Webhook configured with URL that Avi controller will pass back information about pool group, old and new pool information and current deployment rule results. It is a reference to an object of type Webhook. |
string |
ALBPoolGroupDeploymentPolicyApiResponse (schema)
PoolGroupDeploymentPolicyApiResponse
PoolGroupDeploymentPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of PoolGroupDeploymentPolicy Array of PoolGroupDeploymentPolicy |
array of ALBPoolGroupDeploymentPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBPoolGroupDeploymentScheme (schema)
PoolGroupDeploymentScheme type
Valid ENUM values for ALBPoolGroupDeploymentScheme
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPoolGroupDeploymentScheme | PoolGroupDeploymentScheme type Valid ENUM values for ALBPoolGroupDeploymentScheme |
string | Enum: BLUE_GREEN, CANARY |
ALBPoolGroupMember (schema)
PoolGroupMember
Advanced load balancer PoolGroupMember object
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_state | Deployment state Pool deployment state used with the PG deployment policy. Enum options - EVALUATION_IN_PROGRESS, IN_SERVICE, OUT_OF_SERVICE, EVALUATION_FAILED. |
ALBPoolDeploymentState | |
| pool_path | Pool path path of the pool. It is a reference to an object of type Pool. |
string | Required |
| priority_label | Priority label All pools with same label are treated similarly in a pool group. A pool with a higher priority is selected, as long as the pool is eligible or an explicit policy chooses a different pool. |
string | |
| ratio | Ratio Ratio of selecting eligible pools in the pool group. Allowed values are 1-1000. Special values are 0 - 'Do not select this pool for new connections'. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 0 Maximum: 1000 Default: "1" |
ALBPoolServer (schema)
PoolServer
Advanced load balancer PoolServer object
| Name | Description | Type | Notes |
|---|---|---|---|
| hostname | Hostname DNS resolvable name of the server. May be used in place of the IP address. |
string | |
| ip | Ip IP address of the server in the poool. |
ALBIpAddr | Required |
| port | Port Port of the pool server listening for HTTP/HTTPS. Default value is the default port in the pool. Allowed values are 1-65535. |
integer | Minimum: 1 Maximum: 65535 |
ALBPortMatch (schema)
PortMatch
Advanced load balancer PortMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for port matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| ports | Ports Listening TCP port(s). Allowed values are 1-65535. Minimum of 1 items required. |
array of integer | Required |
ALBPortRange (schema)
PortRange
Advanced load balancer PortRange object
| Name | Description | Type | Notes |
|---|---|---|---|
| end | End TCP/UDP port range end (inclusive). Allowed values are 1-65535. |
integer | Required Minimum: 1 Maximum: 65535 |
| start | Start TCP/UDP port range start (inclusive). Allowed values are 1-65535. |
integer | Required Minimum: 1 Maximum: 65535 |
ALBPriorityLabels (schema)
PriorityLabels
Advanced load balancer PriorityLabels object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| equivalent_labels | Equivalent labels Equivalent priority labels in descending order. |
array of ALBEquivalentLabels | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBPriorityLabels | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBPriorityLabelsApiResponse (schema)
PriorityLabelsApiResponse
PriorityLabelsApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of PriorityLabels Array of PriorityLabels |
array of ALBPriorityLabels | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBProtocol (schema)
Protocol type
Valid ENUM values for ALBProtocol
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBProtocol | Protocol type Valid ENUM values for ALBProtocol |
string | Enum: PROTOCOL_ICMP, PROTOCOL_TCP, PROTOCOL_UDP |
ALBProtocolMatch (schema)
ProtocolMatch
Advanced load balancer ProtocolMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for protocol matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. |
ALBMatchOperation | Required |
| protocols | Protocols HTTP or HTTPS protocol. Enum options - HTTP, HTTPS. |
ALBHTTPProtocol | Required |
ALBProtocolParser (schema)
ProtocolParser
Advanced load balancer ProtocolParser object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| parser_code | Parser code Command script provided inline. |
string | Required |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBProtocolParser | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBProtocolParserApiResponse (schema)
ProtocolParserApiResponse
ProtocolParserApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ProtocolParser Array of ProtocolParser |
array of ALBProtocolParser | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBProtocolType (schema)
ProtocolType type
Valid ENUM values for ALBProtocolType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBProtocolType | ProtocolType type Valid ENUM values for ALBProtocolType |
string | Enum: PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY |
ALBProxyProtocolVersion (schema)
ProxyProtocolVersion type
Valid ENUM values for ALBProxyProtocolVersion
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBProxyProtocolVersion | ProxyProtocolVersion type Valid ENUM values for ALBProxyProtocolVersion |
string | Enum: PROXY_PROTOCOL_VERSION_1, PROXY_PROTOCOL_VERSION_2 |
ALBQueryMatch (schema)
QueryMatch
Advanced load balancer QueryMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_criteria | Match criteria Criterion to use for matching the query in HTTP request URI. Enum options - QUERY_MATCH_CONTAINS. |
ALBQueryMatchOperation | Required |
| match_str | Match str String value(s). |
array of string | |
| string_group_paths | String group paths path of the string group(s). It is a reference to an object of type StringGroup. |
array of string |
ALBQueryMatchOperation (schema)
QueryMatchOperation type
Valid ENUM values for ALBQueryMatchOperation
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBQueryMatchOperation | QueryMatchOperation type Valid ENUM values for ALBQueryMatchOperation |
string | Enum: QUERY_MATCH_CONTAINS |
ALBRateLimiter (schema)
RateLimiter
Advanced load balancer RateLimiter object
| Name | Description | Type | Notes |
|---|---|---|---|
| burst_sz | Burst sz Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000000000 Default: "0" |
| count | Count Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 1000000000. |
integer | Minimum: 1 Maximum: 1000000000 Default: "1000000000" |
| name | Name Identifier for Rate Limit. Constructed according to context. |
string | |
| period | Period Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 1 Maximum: 1000000000 Default: "1" |
ALBRateLimiterAction (schema)
RateLimiterAction
Advanced load balancer RateLimiterAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| file | File File to be used for HTTP Local response rate limit action. |
ALBHTTPLocalFile | |
| redirect | Redirect Parameters for HTTP Redirect rate limit action. |
ALBHTTPRedirectAction | |
| status_code | Status code HTTP status code for Local Response rate limit action. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_LOCAL_RESPONSE_STATUS_CODE_429. |
ALBHTTPLocalResponseStatusCode | Default: "HTTP_LOCAL_RESPONSE_STATUS_CODE_429" |
| type | Type Type of action to be enforced upon hitting the rate limit. Enum options - RL_ACTION_NONE, RL_ACTION_DROP_CONN, RL_ACTION_RESET_CONN, RL_ACTION_CLOSE_CONN, RL_ACTION_LOCAL_RSP, RL_ACTION_REDIRECT. Default value when not specified in API or module is interpreted by ALB Controller as RL_ACTION_NONE. |
ALBRateLimiterActionType | Default: "RL_ACTION_NONE" |
ALBRateLimiterActionType (schema)
RateLimiterActionType type
Valid ENUM values for ALBRateLimiterActionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBRateLimiterActionType | RateLimiterActionType type Valid ENUM values for ALBRateLimiterActionType |
string | Enum: RL_ACTION_NONE, RL_ACTION_DROP_CONN, RL_ACTION_RESET_CONN, RL_ACTION_CLOSE_CONN, RL_ACTION_LOCAL_RSP, RL_ACTION_REDIRECT |
ALBRateLimiterProfile (schema)
RateLimiterProfile
Advanced load balancer RateLimiterProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip_connections_rate_limit | Client ip connections rate limit Rate Limit all connections made from any single client IP address to the Virtual Service. |
ALBRateProfile | |
| client_ip_failed_requests_rate_limit | Client ip failed requests rate limit Rate Limit all requests from a client for a specified period of time once the count of failed requests from that client crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. |
ALBRateProfile | |
| client_ip_requests_rate_limit | Client ip requests rate limit Rate Limit all HTTP requests from any single client IP address to all URLs of the Virtual Service. |
ALBRateProfile | |
| client_ip_scanners_requests_rate_limit | Client ip scanners requests rate limit Automatically track clients and classify them into 3 groups - Good, Bad, Unknown. Clients are tracked based on their IP Address. Clients are added to the Good group when the Avi Scan Detection system builds history of requests from them that complete successfully. Clients are added to Unknown group when there is insufficient history about them. Requests from such clients are rate limited to the rate specified in the RateProfile. Finally, Clients with history of failed requests are added to Bad group and their requests are rate limited with stricter thresholds than the Unknown Clients group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown client IPs group membership changes dynamically with the changes in traffic patterns through the ADC. |
ALBRateProfile | |
| client_ip_to_uri_failed_requests_rate_limit | Client ip to uri failed requests rate limit Rate Limit all requests from a client to a URI for a specified period of time once the count of failed requests from that client to the URI crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. |
ALBRateProfile | |
| client_ip_to_uri_requests_rate_limit | Client ip to uri requests rate limit Rate Limit all HTTP requests from any single client IP address to any single URL. |
ALBRateProfile | |
| custom_requests_rate_limit | Custom requests rate limit Rate Limit all HTTP requests that map to any custom string. |
ALBRateProfile | |
| http_header_rate_limits | Http header rate limits Rate Limit all HTTP requests from all client IP addresses that contain any single HTTP header value. |
array of ALBRateProfile | |
| uri_failed_requests_rate_limit | Uri failed requests rate limit Rate Limit all requests to a URI for a specified period of time once the count of failed requests to that URI crosses a threshold for that period. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. |
ALBRateProfile | |
| uri_requests_rate_limit | Uri requests rate limit Rate Limit all HTTP requests from all client IP addresses to any single URL. |
ALBRateProfile | |
| uri_scanners_requests_rate_limit | Uri scanners requests rate limit Automatically track URIs and classify them into 3 groups - Good, Bad, Unknown. URIs are added to the Good group when the Avi Scan Detection system builds history of requests to URIs that complete successfully. URIs are added to Unknown group when there is insufficient history about them. Requests for such URIs are rate limited to the rate specified in the RateProfile. Finally, URIs with history of failed requests are added to Bad group and requests to them are rate limited with stricter thresholds than the Unknown URIs group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown URIs group membership changes dynamically with the changes in traffic patterns through the ADC. |
ALBRateProfile |
ALBRateProfile (schema)
RateProfile
Advanced load balancer RateProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action to perform upon rate limiting. |
ALBRateLimiterAction | Required |
| explicit_tracking | Explicit tracking Explicitly tracks an attacker across rate periods. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| fine_grain | Fine grain Enable fine granularity. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| http_cookie | Http cookie HTTP cookie name. |
string | |
| http_header | Http header HTTP header name. |
string | |
| rate_limiter | Rate limiter The rate limiter configuration for this rate profile. |
ALBRateLimiter |
ALBReplaceStringType (schema)
ReplaceStringType type
Valid ENUM values for ALBReplaceStringType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBReplaceStringType | ReplaceStringType type Valid ENUM values for ALBReplaceStringType |
string | Enum: DATASCRIPT_VAR, HTTP_HEADER_VAR, LITERAL_STRING |
ALBReplaceStringVar (schema)
ReplaceStringVar
Advanced load balancer ReplaceStringVar object
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type Type of replacement string - can be a variable exposed from datascript, value of an HTTP header or a custom user-input literal string. Enum options - DATASCRIPT_VAR, HTTP_HEADER_VAR, LITERAL_STRING. |
ALBReplaceStringType | |
| val | Val Value of the replacement string - name of variable exposed from datascript, name of the HTTP header or a custom user-input literal string. |
string |
ALBResponseMatchTarget (schema)
ResponseMatchTarget
Advanced load balancer ResponseMatchTarget object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip | Client ip Configure client ip addresses. |
ALBIpAddrMatch | |
| cookie | Cookie Configure HTTP cookie(s). |
ALBCookieMatch | |
| hdrs | Hdrs Configure HTTP headers. |
array of ALBHdrMatch | |
| host_hdr | Host hdr Configure the host header. |
ALBHostHdrMatch | |
| loc_hdr | Loc hdr Configure the location header. |
ALBLocationHdrMatch | |
| method | Method Configure HTTP methods. |
ALBMethodMatch | |
| path | Path Configure request paths. |
ALBPathMatch | |
| protocol | Protocol Configure the type of HTTP protocol. |
ALBProtocolMatch | |
| query | Query Configure request query. |
ALBQueryMatch | |
| rsp_hdrs | Rsp hdrs Configure the HTTP headers in response. |
array of ALBHdrMatch | |
| status | Status Configure the HTTP status code(s). |
ALBHTTPStatusMatch | |
| version | Version Configure versions of the HTTP protocol. |
ALBHTTPVersionMatch | |
| vs_port | Vs port Configure virtual service ports. |
ALBPortMatch |
ALBRoleFilterMatchLabel (schema)
RoleFilterMatchLabel
Advanced load balancer RoleFilterMatchLabel object
| Name | Description | Type | Notes |
|---|---|---|---|
| key | Key Key for filter match. |
string | Required |
| values | Values Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = (STAR) if this field is empty. |
array of string |
ALBSAMLSPConfig (schema)
SAMLSPConfig
Advanced load balancer SAMLSPConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| cookie_name | Cookie name HTTP cookie name for authenticated session. |
string | |
| cookie_timeout | Cookie timeout Cookie timeout in minutes. Allowed values are 1-1440. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60. |
integer | Minimum: 1 Maximum: 1440 Default: "60" |
| entity_id | Entity id Globally unique SAML entityID for this node. The SAML application entity ID on the IDP should match this. |
string | Required |
| key | Key Key to generate the cookie. |
array of ALBHttpCookiePersistenceKey | |
| signing_ssl_key_and_certificate_path | Signing ssl key and certificate path SP will use this SSL certificate to sign requests going to the IdP and decrypt the assertions coming from IdP. It is a reference to an object of type SSLKeyAndCertificate. |
string | |
| single_signon_url | Single signon url SAML Single Signon URL to be programmed on the IDP. |
string | Required |
| sp_metadata | Sp metadata SAML SP metadata for this application. |
string | |
| use_idp_session_timeout | Use idp session timeout By enabling this field IdP can control how long the SP session can exist through the SessionNotOnOrAfter field in the AuthNStatement of SAML Response. |
boolean |
ALBSSLCertificate (schema)
SSLCertificate
Advanced load balancer SSLCertificate object
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | Certificate certificate of SSLCertificate. |
string | |
| certificate_signing_request | Certificate signing request certificate_signing_request of SSLCertificate. |
string | |
| chain_verified | Chain verified Placeholder for description of property chain_verified of obj type SSLCertificate field type str type boolean. |
boolean | |
| days_until_expire | Days until expire Number of days_until_expire. Default value when not specified in API or module is interpreted by ALB Controller as 365. |
integer | Minimum: 1 Default: "365" |
| expiry_status | Expiry status Enum options - SSL_CERTIFICATE_GOOD, SSL_CERTIFICATE_EXPIRY_WARNING, SSL_CERTIFICATE_EXPIRED. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_GOOD. |
ALBSSLCertificateExpiryStatus | Default: "SSL_CERTIFICATE_GOOD" |
| fingerprint | Fingerprint fingerprint of SSLCertificate. |
string | |
| issuer | Issuer Placeholder for description of property issuer of obj type SSLCertificate field type str type ref. |
ALBSSLCertificateDescription | |
| key_params | Key params Placeholder for description of property key_params of obj type SSLCertificate field type str type ref. |
ALBSSLKeyParams | |
| not_after | Not after not_after of SSLCertificate. |
string | |
| not_before | Not before not_before of SSLCertificate. |
string | |
| public_key | Public key public_key of SSLCertificate. |
string | |
| self_signed | Self signed Placeholder for description of property self_signed of obj type SSLCertificate field type str type boolean. |
boolean | |
| serial_number | Serial number serial_number of SSLCertificate. |
string | |
| signature | Signature signature of SSLCertificate. |
string | |
| signature_algorithm | Signature algorithm signature_algorithm of SSLCertificate. |
string | |
| subject | Subject Placeholder for description of property subject of obj type SSLCertificate field type str type ref. |
ALBSSLCertificateDescription | |
| subject_alt_names | Subject alt names subjectAltName that provides additional subject identities. |
array of string | |
| text | Text text of SSLCertificate. |
string | |
| version | Version version of SSLCertificate. |
string |
ALBSSLCertificateDescription (schema)
SSLCertificateDescription
Advanced load balancer SSLCertificateDescription object
| Name | Description | Type | Notes |
|---|---|---|---|
| common_name | Common name common_name of SSLCertificateDescription. |
string | |
| country | Country country of SSLCertificateDescription. |
string | |
| distinguished_name | Distinguished name distinguished_name of SSLCertificateDescription. |
string | |
| email_address | Email address email_address of SSLCertificateDescription. |
string | |
| locality | Locality locality of SSLCertificateDescription. |
string | |
| organization | Organization organization of SSLCertificateDescription. |
string | |
| organization_unit | Organization unit organization_unit of SSLCertificateDescription. |
string | |
| state | State state of SSLCertificateDescription. |
string |
ALBSSLCertificateExpiryStatus (schema)
SSLCertificateExpiryStatus type
Valid ENUM values for ALBSSLCertificateExpiryStatus
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLCertificateExpiryStatus | SSLCertificateExpiryStatus type Valid ENUM values for ALBSSLCertificateExpiryStatus |
string | Enum: SSL_CERTIFICATE_GOOD, SSL_CERTIFICATE_EXPIRY_WARNING, SSL_CERTIFICATE_EXPIRED |
ALBSSLCertificateStatus (schema)
SSLCertificateStatus type
Valid ENUM values for ALBSSLCertificateStatus
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLCertificateStatus | SSLCertificateStatus type Valid ENUM values for ALBSSLCertificateStatus |
string | Enum: SSL_CERTIFICATE_FINISHED, SSL_CERTIFICATE_PENDING |
ALBSSLCertificateType (schema)
SSLCertificateType type
Valid ENUM values for ALBSSLCertificateType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLCertificateType | SSLCertificateType type Valid ENUM values for ALBSSLCertificateType |
string | Enum: SSL_CERTIFICATE_TYPE_VIRTUALSERVICE, SSL_CERTIFICATE_TYPE_SYSTEM, SSL_CERTIFICATE_TYPE_CA |
ALBSSLClientCertificateAction (schema)
SSLClientCertificateAction
Advanced load balancer SSLClientCertificateAction object
| Name | Description | Type | Notes |
|---|---|---|---|
| close_connection | Close connection Placeholder for description of property close_connection of obj type SSLClientCertificateAction field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| headers | Headers Placeholder for description of property headers of obj type SSLClientCertificateAction field type str type array. |
array of ALBSSLClientRequestHeader |
ALBSSLClientCertificateMode (schema)
SSLClientCertificateMode type
Valid ENUM values for ALBSSLClientCertificateMode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLClientCertificateMode | SSLClientCertificateMode type Valid ENUM values for ALBSSLClientCertificateMode |
string | Enum: SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE |
ALBSSLClientRequestHeader (schema)
SSLClientRequestHeader
Advanced load balancer SSLClientRequestHeader object
| Name | Description | Type | Notes |
|---|---|---|---|
| request_header | Request header If this header exists, reset the connection. If the ssl variable is specified, add a header with this value. |
string | |
| request_header_value | Request header value Set the request header with the value as indicated by this SSL variable. Eg. send the whole certificate in PEM format. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER. |
ALBHTTPPolicyVar |
ALBSSLFormat (schema)
SSLFormat type
Valid ENUM values for ALBSSLFormat
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLFormat | SSLFormat type Valid ENUM values for ALBSSLFormat |
string | Enum: SSL_PEM, SSL_PKCS12 |
ALBSSLKeyAlgorithm (schema)
SSLKeyAlgorithm type
Valid ENUM values for ALBSSLKeyAlgorithm
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLKeyAlgorithm | SSLKeyAlgorithm type Valid ENUM values for ALBSSLKeyAlgorithm |
string | Enum: SSL_KEY_ALGORITHM_RSA, SSL_KEY_ALGORITHM_EC |
ALBSSLKeyAndCertificate (schema)
SSLKeyAndCertificate
Advanced load balancer SSLKeyAndCertificate object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| ca_certs | Ca certs CA certificates in certificate chain. |
array of ALBCertificateAuthority | |
| certificate | Certificate Placeholder for description of property certificate of obj type SSLKeyAndCertificate field type str type ref. |
ALBSSLCertificate | Required |
| certificate_base64 | Certificate base64 States if the certificate is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| created_by | Created by Creator name. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dynamic_params | Dynamic params Dynamic parameters needed for certificate management profile. |
array of ALBCustomParams | |
| enable_ocsp_stapling | Enable ocsp stapling Enables OCSP Stapling. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enckey_base64 | Enckey base64 Encrypted private key corresponding to the private key (e.g. those generated by an HSM such as Thales nShield). |
string | |
| enckey_name | Enckey name Name of the encrypted private key (e.g. those generated by an HSM such as Thales nShield). |
string | |
| format | Format Format of the Key/Certificate file. Enum options - SSL_PEM, SSL_PKCS12. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PEM. |
ALBSSLFormat | Default: "SSL_PEM" |
| hardwaresecuritymodulegroup_path | Hardwaresecuritymodulegroup path It is a reference to an object of type HardwareSecurityModuleGroup. |
string | |
| id | Unique identifier of this resource | string | Sortable |
| key | Key Private key. |
string | |
| key_base64 | Key base64 States if the private key is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| key_params | Key params Placeholder for description of property key_params of obj type SSLKeyAndCertificate field type str type ref. |
ALBSSLKeyParams | |
| key_passphrase | Key passphrase Passphrase used to encrypt the private key. |
string | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| ocsp_config | Ocsp config Configuration related to OCSP. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBOCSPConfig | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBSSLKeyAndCertificate | string | |
| status | Status Enum options - SSL_CERTIFICATE_FINISHED, SSL_CERTIFICATE_PENDING. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_FINISHED. |
ALBSSLCertificateStatus | Default: "SSL_CERTIFICATE_FINISHED" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type Enum options - SSL_CERTIFICATE_TYPE_VIRTUALSERVICE, SSL_CERTIFICATE_TYPE_SYSTEM, SSL_CERTIFICATE_TYPE_CA. |
ALBSSLCertificateType | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBSSLKeyAndCertificateApiResponse (schema)
SSLKeyAndCertificateApiResponse
SSLKeyAndCertificateApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of SSLKeyAndCertificate Array of SSLKeyAndCertificate |
array of ALBSSLKeyAndCertificate | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBSSLKeyECCurve (schema)
SSLKeyECCurve type
Valid ENUM values for ALBSSLKeyECCurve
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLKeyECCurve | SSLKeyECCurve type Valid ENUM values for ALBSSLKeyECCurve |
string | Enum: SSL_KEY_EC_CURVE_SECP256R1, SSL_KEY_EC_CURVE_SECP384R1, SSL_KEY_EC_CURVE_SECP521R1 |
ALBSSLKeyECParams (schema)
SSLKeyECParams
Advanced load balancer SSLKeyECParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| curve | Curve Enum options - SSL_KEY_EC_CURVE_SECP256R1, SSL_KEY_EC_CURVE_SECP384R1, SSL_KEY_EC_CURVE_SECP521R1. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_EC_CURVE_SECP256R1. |
ALBSSLKeyECCurve | Default: "SSL_KEY_EC_CURVE_SECP256R1" |
ALBSSLKeyParams (schema)
SSLKeyParams
Advanced load balancer SSLKeyParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| algorithm | Algorithm Enum options - SSL_KEY_ALGORITHM_RSA, SSL_KEY_ALGORITHM_EC. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_ALGORITHM_RSA. |
ALBSSLKeyAlgorithm | Required Default: "SSL_KEY_ALGORITHM_RSA" |
| ec_params | Ec params Placeholder for description of property ec_params of obj type SSLKeyParams field type str type ref. |
ALBSSLKeyECParams | |
| rsa_params | Rsa params Placeholder for description of property rsa_params of obj type SSLKeyParams field type str type ref. |
ALBSSLKeyRSAParams |
ALBSSLKeyRSAParams (schema)
SSLKeyRSAParams
Advanced load balancer SSLKeyRSAParams object
| Name | Description | Type | Notes |
|---|---|---|---|
| exponent | Exponent Number of exponent. Default value when not specified in API or module is interpreted by ALB Controller as 65537. |
integer | Default: "65537" |
| key_size | Key size Enum options - SSL_KEY_1024_BITS, SSL_KEY_2048_BITS, SSL_KEY_3072_BITS, SSL_KEY_4096_BITS. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_2048_BITS. |
ALBSSLRSAKeySize | Default: "SSL_KEY_2048_BITS" |
ALBSSLProfile (schema)
SSLProfile
Advanced load balancer SSLProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| accepted_ciphers | Accepted ciphers Ciphers suites represented as defined by https //www.openssl.org/docs/apps/ciphers.html. Default value when not specified in API or module is interpreted by ALB Controller as AES:3DES:RC4. |
string | Default: "AES:3DES:RC4" |
| accepted_versions | Accepted versions Set of versions accepted by the server. Minimum of 1 items required. |
array of ALBSSLVersion | Required |
| avi_tags | Avi tags Placeholder for description of property tags of obj type SSLProfile field type str type array. |
array of ALBTag | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cipher_enums | Cipher enums Enum options - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_AES_256_GCM_SHA384... Allowed in Basic(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Essentials(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Enterprise edition. |
array of ALBAcceptedCipherEnums | |
| ciphersuites | Ciphersuites TLS 1.3 Ciphers suites represented as defined by U(https //www.openssl.org/docs/manmaster/man1/ciphers.html). Allowed in Basic edition, Essentials edition, Enterprise edition. Special default for Basic edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Essentials edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Enterprise is TLS_AES_256_GCM_SHA384-TLS_CHACHA20_POLY1305_SHA256-TLS_AES_128_GCM_SHA256. Default value when not specified in API or module is interpreted by ALB Controller as TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256. |
string | Default: "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_early_data | Enable early data Enable early data processing for TLS1.3 connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_ssl_session_reuse | Enable ssl session reuse Enable SSL session re-use. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| prefer_client_cipher_ordering | Prefer client cipher ordering Prefer the SSL cipher ordering presented by the client during the SSL handshake over the one specified in the SSL Profile. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBSSLProfile | string | |
| send_close_notify | Send close notify Send 'close notify' alert message for a clean shutdown of the SSL connection. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| ssl_rating | Ssl rating Placeholder for description of property ssl_rating of obj type SSLProfile field type str type ref. |
ALBSSLRating | Readonly |
| ssl_session_timeout | Ssl session timeout The amount of time in seconds before an SSL session expires. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400. |
integer | Default: "86400" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type SSL Profile Type. Enum options - SSL_PROFILE_TYPE_APPLICATION, SSL_PROFILE_TYPE_SYSTEM. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PROFILE_TYPE_APPLICATION. |
ALBSSLProfileType | Default: "SSL_PROFILE_TYPE_APPLICATION" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBSSLProfileApiResponse (schema)
SSLProfileApiResponse
SSLProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of SSLProfile Array of SSLProfile |
array of ALBSSLProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBSSLProfileSelector (schema)
SSLProfileSelector
Advanced load balancer SSLProfileSelector object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_ip_list | Client ip list Configure client IP address groups. |
ALBIpAddrMatch | Required |
| ssl_profile_path | Ssl profile path SSL profile for the client IP addresses listed. It is a reference to an object of type SSLProfile. |
string | Required |
ALBSSLProfileType (schema)
SSLProfileType type
Valid ENUM values for ALBSSLProfileType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLProfileType | SSLProfileType type Valid ENUM values for ALBSSLProfileType |
string | Enum: SSL_PROFILE_TYPE_APPLICATION, SSL_PROFILE_TYPE_SYSTEM |
ALBSSLRSAKeySize (schema)
SSLRSAKeySize type
Valid ENUM values for ALBSSLRSAKeySize
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLRSAKeySize | SSLRSAKeySize type Valid ENUM values for ALBSSLRSAKeySize |
string | Enum: SSL_KEY_1024_BITS, SSL_KEY_2048_BITS, SSL_KEY_3072_BITS, SSL_KEY_4096_BITS |
ALBSSLRating (schema)
SSLRating
Advanced load balancer SSLRating object
| Name | Description | Type | Notes |
|---|---|---|---|
| compatibility_rating | Compatibility rating Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT. |
ALBSSLScore | |
| performance_rating | Performance rating Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT. |
ALBSSLScore | |
| security_score | Security score security_score of SSLRating. |
string |
ALBSSLScore (schema)
SSLScore type
Valid ENUM values for ALBSSLScore
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLScore | SSLScore type Valid ENUM values for ALBSSLScore |
string | Enum: SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT |
ALBSSLVersion (schema)
SSLVersion
Advanced load balancer SSLVersion object
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type Enum options - SSL_VERSION_SSLV3, SSL_VERSION_TLS1, SSL_VERSION_TLS1_1, SSL_VERSION_TLS1_2, SSL_VERSION_TLS1_3. Allowed in Basic(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Essentials(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_VERSION_TLS1_1. |
ALBSSLVersionType | Required Default: "SSL_VERSION_TLS1_1" |
ALBSSLVersionType (schema)
SSLVersionType type
Valid ENUM values for ALBSSLVersionType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLVersionType | SSLVersionType type Valid ENUM values for ALBSSLVersionType |
string | Enum: SSL_VERSION_SSLV3, SSL_VERSION_TLS1, SSL_VERSION_TLS1_1, SSL_VERSION_TLS1_2, SSL_VERSION_TLS1_3 |
ALBSSOPolicy (schema)
SSOPolicy
Advanced load balancer SSOPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| authentication_policy | Authentication policy Authentication Policy Settings. |
ALBAuthenticationPolicy | Required |
| authorization_policy | Authorization policy Authorization Policy Settings. |
ALBAuthorizationPolicy | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBSSOPolicy | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type SSO Policy Type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT. Default value when not specified in API or module is interpreted by ALB Controller as SSO_TYPE_SAML. |
ALBSSOPolicyType | Default: "SSO_TYPE_SAML" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBSSOPolicyApiResponse (schema)
SSOPolicyApiResponse
SSOPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of SSOPolicy Array of SSOPolicy |
array of ALBSSOPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBSSOPolicyType (schema)
SSOPolicyType type
Valid ENUM values for ALBSSOPolicyType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSOPolicyType | SSOPolicyType type Valid ENUM values for ALBSSOPolicyType |
string | Enum: SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT |
ALBSamlIdentityProviderSettings (schema)
SamlIdentityProviderSettings
Advanced load balancer SamlIdentityProviderSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| metadata | Metadata SAML IDP metadata. |
string |
ALBSamlServiceProviderNode (schema)
SamlServiceProviderNode
Advanced load balancer SamlServiceProviderNode object
| Name | Description | Type | Notes |
|---|---|---|---|
| entity_id | Entity id Globally unique entityID for this node. Entity ID on the IDP should match this. |
string | |
| name | Name Refers to the Cluster name identifier (Virtual IP or FQDN). |
string | Required |
| signing_ssl_key_and_certificate_path | Signing ssl key and certificate path Service Engines will use this SSL certificate to sign assertions going to the IdP. It is a reference to an object of type SSLKeyAndCertificate. |
string | |
| single_signon_url | Single signon url Single Signon URL to be programmed on the IDP. |
string |
ALBSamlServiceProviderSettings (schema)
SamlServiceProviderSettings
Advanced load balancer SamlServiceProviderSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| fqdn | Fqdn FQDN if entity type is DNS_FQDN . |
string | |
| org_display_name | Org display name Service Provider Organization Display Name. |
string | |
| org_name | Org name Service Provider Organization Name. |
string | |
| org_url | Org url Service Provider Organization URL. |
string | |
| saml_entity_type | Saml entity type Type of SAML endpoint. Enum options - AUTH_SAML_CLUSTER_VIP, AUTH_SAML_DNS_FQDN, AUTH_SAML_APP_VS. |
ALBAuthSamlEntityType | |
| sp_nodes | Sp nodes Service Provider node information. |
array of ALBSamlServiceProviderNode | |
| tech_contact_email | Tech contact email Service Provider technical contact email. |
string | |
| tech_contact_name | Tech contact name Service Provider technical contact name. |
string |
ALBSamlSettings (schema)
SamlSettings
Advanced load balancer SamlSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| idp | Idp Configure remote Identity provider settings. |
ALBSamlIdentityProviderSettings | |
| sp | Sp Configure service provider settings for the Controller. |
ALBSamlServiceProviderSettings | Required |
ALBSeFlowDist (schema)
SeFlowDist type
Valid ENUM values for ALBSeFlowDist
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSeFlowDist | SeFlowDist type Valid ENUM values for ALBSeFlowDist |
string | Enum: LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT |
ALBSecurityPolicy (schema)
SecurityPolicy
Advanced load balancer SecurityPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_attacks | Dns attacks Attacks utilizing the DNS protocol operations. |
ALBDnsAttacks | |
| dns_policy_index | Dns policy index Index of the dns policy to use for the mitigation rules applied to the dns attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| network_security_policy_index | Network security policy index Index of the network security policy to use for the mitigation rules applied to the attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| oper_mode | Oper mode Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Default value when not specified in API or module is interpreted by ALB Controller as DETECTION. |
ALBOperationMode | Default: "DETECTION" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBSecurityPolicy | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBSecurityPolicyApiResponse (schema)
SecurityPolicyApiResponse
SecurityPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of SecurityPolicy Array of SecurityPolicy |
array of ALBSecurityPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBSensitiveFieldRule (schema)
SensitiveFieldRule
Advanced load balancer SensitiveFieldRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action Action for the matched log field, for instance the matched field can be removed or masked off. Enum options - LOG_FIELD_REMOVE, LOG_FIELD_MASKOFF. Default value when not specified in API or module is interpreted by ALB Controller as LOG_FIELD_REMOVE. |
ALBLogAction | Default: "LOG_FIELD_REMOVE" |
| enabled | Enabled Enable rule to match the sensitive fields. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| index | Index Index of the rule. |
integer | |
| match | Match Criterion to use for matching in the Log. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBStringMatch | |
| name | Name Name of the rule. |
string |
ALBSensitiveLogProfile (schema)
SensitiveLogProfile
Advanced load balancer SensitiveLogProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| header_field_rules | Header field rules Match sensitive header fields in HTTP application log. |
array of ALBSensitiveFieldRule | |
| uri_query_field_rules | Uri query field rules Match sensitive URI query params in HTTP application log. Query params from the URI are extracted and checked for matching sensitive parameter names. A successful match will mask the parameter values in accordance with this rule action. |
array of ALBSensitiveFieldRule | |
| waf_field_rules | Waf field rules Match sensitive WAF log fields in HTTP application log. |
array of ALBSensitiveFieldRule |
ALBServer (schema)
Server
Advanced load balancer Server object
| Name | Description | Type | Notes |
|---|---|---|---|
| autoscaling_group_name | Autoscaling group name Name of autoscaling group this server belongs to. Allowed in Essentials edition, Enterprise edition. |
string | |
| availability_zone | Availability zone Availability-zone of the server VM. |
string | |
| description | Description A description of the Server. |
string | |
| discovered_networks | Discovered networks (internal-use) Discovered networks providing reachability for server IP. This field is used internally by Avi, not editable by the user. |
array of ALBDiscoveredNetwork | |
| enabled | Enabled Enable, Disable or Graceful Disable determine if new or existing connections to the server are allowed. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| external_orchestration_id | External orchestration id UID of server in external orchestration systems. |
string | |
| external_uuid | External uuid UUID identifying VM in OpenStack and other external compute. |
string | |
| hostname | Hostname DNS resolvable name of the server. May be used in place of the IP address. |
string | |
| ip | Ip IP Address of the server. Required if there is no resolvable host name. |
ALBIpAddr | Required |
| is_static | Is static If statically learned. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| location | Location (internal-use) Geographic location of the server.Currently only for internal usage. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBGeoLocation | |
| mac_address | Mac address MAC address of server. |
string | |
| port | Port Optionally specify the servers port number. This will override the pool's default server port attribute. Allowed values are 1-65535. Special values are 0- 'use backend port in pool'. |
integer | Minimum: 0 Maximum: 65535 |
| prst_hdr_val | Prst hdr val Header value for custom header persistence. |
string | |
| ratio | Ratio Ratio of selecting eligible servers in the pool. Allowed values are 1-20. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 1 Maximum: 20 Default: "1" |
| resolve_server_by_dns | Resolve server by dns Auto resolve server's IP using DNS name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| rewrite_host_header | Rewrite host header Rewrite incoming Host Header to server name. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| server_node | Server node Hostname of the node where the server VM or container resides. |
string | |
| verify_network | Verify network Verify server belongs to a discovered network or reachable via a discovered network. Verify reachable network isn't the OpenStack management network. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBServerAutoScalePolicy (schema)
ServerAutoScalePolicy
Advanced load balancer ServerAutoScalePolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| delay_for_server_garbage_collection | Delay for server garbage collection Delay in minutes after which a down server will be removed from Pool. Value 0 disables this functionality. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| intelligent_autoscale | Intelligent autoscale Use Avi intelligent autoscale algorithm where autoscale is performed by comparing load on the pool against estimated capacity of all the servers. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| intelligent_scalein_margin | Intelligent scalein margin Maximum extra capacity as percentage of load used by the intelligent scheme. Scalein is triggered when available capacity is more than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 40. |
integer | Minimum: 1 Maximum: 99 Default: "40" |
| intelligent_scaleout_margin | Intelligent scaleout margin Minimum extra capacity as percentage of load used by the intelligent scheme. Scaleout is triggered when available capacity is less than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 20. |
integer | Minimum: 1 Maximum: 99 Default: "20" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| max_scalein_adjustment_step | Max scalein adjustment step Maximum number of servers to scalein simultaneously. The actual number of servers to scalein is chosen such that target number of servers is always more than or equal to the min_size. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Default: "1" |
| max_scaleout_adjustment_step | Max scaleout adjustment step Maximum number of servers to scaleout simultaneously. The actual number of servers to scaleout is chosen such that target number of servers is always less than or equal to the max_size. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Default: "1" |
| max_size | Max size Maximum number of servers after scaleout. Allowed values are 0-400. |
integer | Minimum: 0 Maximum: 400 |
| min_size | Min size No scale-in happens once number of operationally up servers reach min_servers. Allowed values are 0-400. |
integer | Minimum: 0 Maximum: 400 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBServerAutoScalePolicy | string | |
| scalein_cooldown | Scalein cooldown Cooldown period during which no new scalein is triggered to allow previous scalein to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. |
integer | Default: "300" |
| scaleout_cooldown | Scaleout cooldown Cooldown period during which no new scaleout is triggered to allow previous scaleout to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. |
integer | Default: "300" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| use_predicted_load | Use predicted load Use predicted load rather than current load. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
ALBServerAutoScalePolicyApiResponse (schema)
ServerAutoScalePolicyApiResponse
ServerAutoScalePolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of ServerAutoScalePolicy Array of ServerAutoScalePolicy |
array of ALBServerAutoScalePolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBService (schema)
Service
Advanced load balancer Service object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable_http2 | Enable http2 Enable HTTP2 on this port. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_ssl | Enable ssl Enable SSL termination and offload for traffic from clients. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| override_application_profile_path | Override application profile path Enable application layer specific features for the this specific service. It is a reference to an object of type ApplicationProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| override_network_profile_path | Override network profile path Override the network profile for this specific service port. It is a reference to an object of type NetworkProfile. |
string | |
| port | Port The Virtual Service's port number. Allowed values are 0-65535. |
integer | Required Minimum: 0 Maximum: 65535 |
| port_range_end | Port range end The end of the Virtual Service's port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 65535 Default: "0" |
ALBServicePoolSelector (schema)
ServicePoolSelector
Advanced load balancer ServicePoolSelector object
| Name | Description | Type | Notes |
|---|---|---|---|
| service_pool_group_path | Service pool group path It is a reference to an object of type PoolGroup. |
string | |
| service_pool_path | Service pool path It is a reference to an object of type Pool. |
string | |
| service_port | Service port Pool based destination port. Allowed values are 1-65535. |
integer | Required Minimum: 1 Maximum: 65535 |
| service_port_range_end | Service port range end The end of the Service port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 65535 Default: "0" |
| service_protocol | Service protocol Destination protocol to match for the pool selection. If not specified, it will match any protocol. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY. |
ALBProtocolType |
ALBSidebandProfile (schema)
SidebandProfile
Advanced load balancer SidebandProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| ip | Ip IP Address of the sideband server. |
array of ALBIpAddr | |
| sideband_max_request_body_size | Sideband max request body size Maximum size of the request body that will be sent on the sideband. Allowed values are 0-16384. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 1024. |
integer | Minimum: 0 Maximum: 16384 Default: "1024" |
ALBSipMonTransport (schema)
SipMonTransport type
Valid ENUM values for ALBSipMonTransport
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSipMonTransport | SipMonTransport type Valid ENUM values for ALBSipMonTransport |
string | Enum: SIP_UDP_PROTO, SIP_TCP_PROTO |
ALBSipRequestCode (schema)
SipRequestCode type
Valid ENUM values for ALBSipRequestCode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSipRequestCode | SipRequestCode type Valid ENUM values for ALBSipRequestCode |
string | Enum: SIP_OPTIONS |
ALBSipServiceApplicationProfile (schema)
SipServiceApplicationProfile
Advanced load balancer SipServiceApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| transaction_timeout | Transaction timeout SIP transaction timeout in seconds. Allowed values are 2-512. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 32. |
integer | Minimum: 2 Maximum: 512 Default: "32" |
ALBStreamingSyslogConfig (schema)
StreamingSyslogConfig
Advanced load balancer StreamingSyslogConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| facility | Facility Facility value, as defined in RFC5424, must be between 0 and 23 inclusive. Allowed values are 0-23. Default value when not specified in API or module is interpreted by ALB Controller as 16. |
integer | Minimum: 0 Maximum: 23 Default: "16" |
| filtered_log_severity | Filtered log severity Severity code, as defined in RFC5424, for filtered logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 5. |
integer | Minimum: 0 Maximum: 7 Default: "5" |
| hostname | Hostname String to use as the hostname in the syslog messages. This string can contain only printable ASCII characters (hex 21 to hex 7E; no space allowed). Default value when not specified in API or module is interpreted by ALB Controller as AviVantage. |
string | Default: "AviVantage" |
| non_significant_log_severity | Non significant log severity Severity code, as defined in RFC5424, for non-significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 6. |
integer | Minimum: 0 Maximum: 7 Default: "6" |
| significant_log_severity | Significant log severity Severity code, as defined in RFC5424, for significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 4. |
integer | Minimum: 0 Maximum: 7 Default: "4" |
ALBStringGroup (schema)
StringGroup
Advanced load balancer StringGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| kv | Kv Configure Key Value in the string group. |
array of ALBKeyValue | |
| longest_match | Longest match Enable the longest match, default is the shortest match. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBStringGroup | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type Type of StringGroup. Enum options - SG_TYPE_STRING, SG_TYPE_KEYVAL. Default value when not specified in API or module is interpreted by ALB Controller as SG_TYPE_STRING. |
ALBStringGroupType | Required Default: "SG_TYPE_STRING" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBStringGroupApiResponse (schema)
StringGroupApiResponse
StringGroupApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of StringGroup Array of StringGroup |
array of ALBStringGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBStringGroupType (schema)
StringGroupType type
Valid ENUM values for ALBStringGroupType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBStringGroupType | StringGroupType type Valid ENUM values for ALBStringGroupType |
string | Enum: SG_TYPE_STRING, SG_TYPE_KEYVAL |
ALBStringMatch (schema)
StringMatch
Advanced load balancer StringMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_criteria | Match criteria Criterion to use for string matching the HTTP request. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. |
ALBStringOperation | Required |
| match_str | Match str String value(s). |
array of string | |
| string_group_paths | String group paths path of the string group(s). It is a reference to an object of type StringGroup. |
array of string |
ALBStringOperation (schema)
StringOperation type
Valid ENUM values for ALBStringOperation
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBStringOperation | StringOperation type Valid ENUM values for ALBStringOperation |
string | Enum: BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH |
ALBTCPApplicationProfile (schema)
TCPApplicationProfile
Advanced load balancer TCPApplicationProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| pki_profile_path | Pki profile path Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| proxy_protocol_enabled | Proxy protocol enabled Enable/Disable the usage of proxy protocol to convey client connection information to the back-end servers. Valid only for L4 application profiles and TCP proxy. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| proxy_protocol_version | Proxy protocol version Version of proxy protocol to be used to convey client connection information to the back-end servers. Enum options - PROXY_PROTOCOL_VERSION_1, PROXY_PROTOCOL_VERSION_2. Allowed in Basic(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Essentials(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROXY_PROTOCOL_VERSION_1. |
ALBProxyProtocolVersion | Default: "PROXY_PROTOCOL_VERSION_1" |
| ssl_client_certificate_mode | Ssl client certificate mode Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE. |
ALBSSLClientCertificateMode | Default: "SSL_CLIENT_CERTIFICATE_NONE" |
ALBTCPFastPathProfile (schema)
TCPFastPathProfile
Advanced load balancer TCPFastPathProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| dsr_profile | Dsr profile DSR profile information. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBDsrProfile | |
| enable_syn_protection | Enable syn protection When enabled, Avi will complete the 3-way handshake with the client before forwarding any packets to the server. This will protect the server from SYN flood and half open SYN connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| session_idle_timeout | Session idle timeout The amount of time (in sec) for which a connection needs to be idle before it is eligible to be deleted. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. |
integer | Minimum: 0 Maximum: 14400 Default: "300" |
ALBTCPProxyProfile (schema)
TCPProxyProfile
Advanced load balancer TCPProxyProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| aggressive_congestion_avoidance | Aggressive congestion avoidance Controls the our congestion window to send, normally it's 1 mss, If this option is turned on, we use 10 msses. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| auto_window_growth | Auto window growth Controls whether the windows are static or supports autogrowth. Maximum that it can grow to is limited to 4MB. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| automatic | Automatic Dynamically pick the relevant parameters for connections. Allowed in Basic(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| cc_algo | Cc algo Controls the congestion control algorithm we use. Enum options - CC_ALGO_NEW_RENO, CC_ALGO_CUBIC, CC_ALGO_HTCP. Default value when not specified in API or module is interpreted by ALB Controller as CC_ALGO_NEW_RENO. |
ALBCongestionAlgo | Default: "CC_ALGO_NEW_RENO" |
| congestion_recovery_scaling_factor | Congestion recovery scaling factor Congestion window scaling factor after recovery. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 2. |
integer | Minimum: 0 Maximum: 8 Default: "2" |
| idle_connection_timeout | Idle connection timeout The duration for keepalive probes or session idle timeout. Max value is 3600 seconds, min is 5. Set to 0 to allow infinite idle time. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 600. |
integer | Minimum: 0 Maximum: 14400 Default: "600" |
| idle_connection_type | Idle connection type Controls the behavior of idle connections. Enum options - KEEP_ALIVE, CLOSE_IDLE. Default value when not specified in API or module is interpreted by ALB Controller as KEEP_ALIVE. |
ALBIdleConnectionType | Default: "KEEP_ALIVE" |
| ignore_time_wait | Ignore time wait A new SYN is accepted from the same 4-tuple even if there is already a connection in TIME_WAIT state. This is equivalent of setting Time Wait Delay to 0. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| ip_dscp | Ip dscp Controls the value of the Differentiated Services Code Point field inserted in the IP header. This has two options Set to a specific value, or Pass Through, which uses the incoming DSCP value. Allowed values are 0-63. Special values are MAX - 'Passthrough'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 63 Default: "0" |
| keepalive_in_halfclose_state | Keepalive in halfclose state Controls whether to keep the connection alive with keepalive messages in the TCP half close state. The interval for sending keepalive messages is 30s. If a timeout is already configured in the network profile, this will not override it. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| max_retransmissions | Max retransmissions The number of attempts at retransmit before closing the connection. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8. |
integer | Minimum: 3 Maximum: 8 Default: "8" |
| max_segment_size | Max segment size Maximum TCP segment size. Allowed values are 512-9000. Special values are 0 - 'Use Interface MTU'. Unit is BYTES. |
integer | Minimum: 0 Maximum: 9000 |
| max_syn_retransmissions | Max syn retransmissions The maximum number of attempts at retransmitting a SYN packet before giving up. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8. |
integer | Minimum: 3 Maximum: 8 Default: "8" |
| min_rexmt_timeout | Min rexmt timeout The minimum wait time (in millisec) to retransmit packet. Allowed values are 50-5000. Unit is MILLISECONDS. |
integer | Minimum: 50 Maximum: 5000 |
| nagles_algorithm | Nagles algorithm Consolidates small data packets to send clients fewer but larger packets. Adversely affects real time protocols such as telnet or SSH. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| reassembly_queue_size | Reassembly queue size Maximum number of TCP segments that can be queued for reassembly. Configuring this to 0 disables the feature and provides unlimited queuing. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Default: "0" |
| receive_window | Receive window Size of the receive window. Allowed values are 2-65536. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64. |
integer | Minimum: 2 Maximum: 65536 Default: "64" |
| reorder_threshold | Reorder threshold Controls the number of duplicate acks required to trigger retransmission. Setting a higher value reduces retransmission caused by packet reordering. A larger value is recommended in public cloud environments where packet reordering is quite common. The default value is 8 in public cloud platforms (AWS, Azure, GCP), and 3 in other environments. Allowed values are 1-100. |
integer | Minimum: 1 Maximum: 100 |
| slow_start_scaling_factor | Slow start scaling factor Congestion window scaling factor during slow start. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 0 Maximum: 8 Default: "1" |
| time_wait_delay | Time wait delay The time (in millisec) to wait before closing a connection in the TIME_WAIT state. Allowed values are 500-2000. Special values are 0 - 'immediate'. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 2000. |
integer | Minimum: 0 Maximum: 2000 Default: "2000" |
| use_interface_mtu | Use interface mtu Use the interface MTU to calculate the TCP max segment size. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBTacacsPlusAuthSettings (schema)
TacacsPlusAuthSettings
Advanced load balancer TacacsPlusAuthSettings object
| Name | Description | Type | Notes |
|---|---|---|---|
| authorization_attrs | Authorization attrs TACACS+ authorization attribute value pairs. |
array of ALBAuthTacacsPlusAttributeValuePair | |
| password | Password TACACS+ server shared secret. |
string | |
| port | Port TACACS+ server listening port. Default value when not specified in API or module is interpreted by ALB Controller as 49. |
integer | Default: "49" |
| server | Server TACACS+ server IP address or FQDN. Minimum of 1 items required. |
array of string | Required |
| service | Service TACACS+ service. Enum options - AUTH_TACACS_PLUS_SERVICE_NONE, AUTH_TACACS_PLUS_SERVICE_LOGIN, AUTH_TACACS_PLUS_SERVICE_ENABLE, AUTH_TACACS_PLUS_SERVICE_PPP, AUTH_TACACS_PLUS_SERVICE_ARAP, AUTH_TACACS_PLUS_SERVICE_PT, AUTH_TACACS_PLUS_SERVICE_RCMD, AUTH_TACACS_PLUS_SERVICE_X25, AUTH_TACACS_PLUS_SERVICE_NASI, AUTH_TACACS_PLUS_SERVICE_FWPROXY. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_TACACS_PLUS_SERVICE_LOGIN. |
ALBAuthTacacsPlusService | Default: "AUTH_TACACS_PLUS_SERVICE_LOGIN" |
ALBTag (schema)
Tag
Advanced load balancer Tag object
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type Enum options - AVI_DEFINED, USER_DEFINED, VCENTER_DEFINED. Default value when not specified in API or module is interpreted by ALB Controller as USER_DEFINED. |
ALBTagType | Default: "USER_DEFINED" |
| value | Value value of Tag. |
string | Required |
ALBTagType (schema)
TagType type
Valid ENUM values for ALBTagType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBTagType | TagType type Valid ENUM values for ALBTagType |
string | Enum: AVI_DEFINED, USER_DEFINED, VCENTER_DEFINED |
ALBTrafficCloneProfile (schema)
TrafficCloneProfile
Advanced load balancer TrafficCloneProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| clone_servers | Clone servers Maximum of 10 items allowed. |
array of ALBCloneServer | |
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| preserve_client_ip | Preserve client ip Specifies if client IP needs to be preserved to clone destination. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBTrafficCloneProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBTrafficCloneProfileApiResponse (schema)
TrafficCloneProfileApiResponse
TrafficCloneProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of TrafficCloneProfile Array of TrafficCloneProfile |
array of ALBTrafficCloneProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBUDPFastPathProfile (schema)
UDPFastPathProfile
Advanced load balancer UDPFastPathProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| dsr_profile | Dsr profile DSR profile information. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBDsrProfile | |
| per_pkt_loadbalance | Per pkt loadbalance When enabled, every UDP packet is considered a new transaction and may be load balanced to a different server. When disabled, packets from the same client source IP and port are sent to the same server. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| session_idle_timeout | Session idle timeout The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Minimum: 2 Maximum: 3600 Default: "10" |
| snat | Snat When disabled, Source NAT will not be performed for all client UDP packets. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBUDPProxyProfile (schema)
UDPProxyProfile
Advanced load balancer UDPProxyProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| session_idle_timeout | Session idle timeout The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. |
integer | Minimum: 2 Maximum: 3600 Default: "10" |
ALBURIParam (schema)
URIParam
Advanced load balancer URIParam object
| Name | Description | Type | Notes |
|---|---|---|---|
| tokens | Tokens Token config either for the URI components or a constant string. Minimum of 1 items required. |
array of ALBURIParamToken | Required |
| type | Type URI param type. Enum options - URI_PARAM_TYPE_TOKENIZED. |
ALBURIParamType | Required |
ALBURIParamQuery (schema)
URIParamQuery
Advanced load balancer URIParamQuery object
| Name | Description | Type | Notes |
|---|---|---|---|
| add_string | Add string Concatenate a string to the query of the incoming request URI and then use it in the request URI going to the backend server. |
string | |
| keep_query | Keep query Use or drop the query of the incoming request URI in the request URI to the backend server. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBURIParamToken (schema)
URIParamToken
Advanced load balancer URIParamToken object
| Name | Description | Type | Notes |
|---|---|---|---|
| end_index | End index Index of the ending token in the incoming URI. Allowed values are 0-65534. Special values are 65535 - 'end of string'. |
integer | Minimum: 0 Maximum: 65535 |
| start_index | Start index Index of the starting token in the incoming URI. |
integer | |
| str_value | Str value Constant string to use as a token. |
string | |
| type | Type Token type for constructing the URI. Enum options - URI_TOKEN_TYPE_HOST, URI_TOKEN_TYPE_PATH, URI_TOKEN_TYPE_STRING, URI_TOKEN_TYPE_STRING_GROUP, URI_TOKEN_TYPE_REGEX. |
ALBURITokenType | Required |
ALBURIParamType (schema)
URIParamType type
Valid ENUM values for ALBURIParamType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBURIParamType | URIParamType type Valid ENUM values for ALBURIParamType |
string | Enum: URI_PARAM_TYPE_TOKENIZED |
ALBURITokenType (schema)
URITokenType type
Valid ENUM values for ALBURITokenType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBURITokenType | URITokenType type Valid ENUM values for ALBURITokenType |
string | Enum: URI_TOKEN_TYPE_HOST, URI_TOKEN_TYPE_PATH, URI_TOKEN_TYPE_STRING, URI_TOKEN_TYPE_STRING_GROUP, URI_TOKEN_TYPE_REGEX |
ALBVSDataScript (schema)
VSDataScript
Advanced load balancer VSDataScript object
| Name | Description | Type | Notes |
|---|---|---|---|
| evt | Evt Event triggering execution of datascript. Enum options - VS_DATASCRIPT_EVT_HTTP_REQ, VS_DATASCRIPT_EVT_HTTP_RESP, VS_DATASCRIPT_EVT_HTTP_RESP_DATA, VS_DATASCRIPT_EVT_HTTP_LB_FAILED, VS_DATASCRIPT_EVT_HTTP_REQ_DATA, VS_DATASCRIPT_EVT_HTTP_RESP_FAILED, VS_DATASCRIPT_EVT_HTTP_LB_DONE, VS_DATASCRIPT_EVT_HTTP_AUTH, VS_DATASCRIPT_EVT_HTTP_POST_AUTH, VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT, VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE, VS_DATASCRIPT_EVT_DNS_REQ, VS_DATASCRIPT_EVT_DNS_RESP, VS_DATASCRIPT_EVT_L4_REQUEST, VS_DATASCRIPT_EVT_L4_RESPONSE, VS_DATASCRIPT_EVT_MAX. Allowed in Basic(Allowed values- VS_DATASCRIPT_EVT_HTTP_REQ) edition, Enterprise edition. |
ALBVSDataScriptEvent | Required |
| script | Script Datascript to execute when the event triggers. |
string | Required |
ALBVSDataScriptEvent (schema)
VSDataScriptEvent type
Valid ENUM values for ALBVSDataScriptEvent
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBVSDataScriptEvent | VSDataScriptEvent type Valid ENUM values for ALBVSDataScriptEvent |
string | Enum: VS_DATASCRIPT_EVT_HTTP_REQ, VS_DATASCRIPT_EVT_HTTP_RESP, VS_DATASCRIPT_EVT_HTTP_RESP_DATA, VS_DATASCRIPT_EVT_HTTP_LB_FAILED, VS_DATASCRIPT_EVT_HTTP_REQ_DATA, VS_DATASCRIPT_EVT_HTTP_RESP_FAILED, VS_DATASCRIPT_EVT_HTTP_LB_DONE, VS_DATASCRIPT_EVT_HTTP_AUTH, VS_DATASCRIPT_EVT_HTTP_POST_AUTH, VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT, VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE, VS_DATASCRIPT_EVT_DNS_REQ, VS_DATASCRIPT_EVT_DNS_RESP, VS_DATASCRIPT_EVT_L4_REQUEST, VS_DATASCRIPT_EVT_L4_RESPONSE, VS_DATASCRIPT_EVT_MAX |
ALBVSDataScriptSet (schema)
VSDataScriptSet
Advanced load balancer VSDataScriptSet object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| created_by | Created by Creator name. |
string | |
| datascript | Datascript DataScripts to execute. |
array of ALBVSDataScript | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ipgroup_paths | Ipgroup paths path of IP Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type IpAddrGroup. |
array of string | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| pool_group_paths | Pool group paths path of pool groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type PoolGroup. |
array of string | |
| pool_paths | Pool paths path of pools that could be referred by VSDataScriptSet objects. It is a reference to an object of type Pool. |
array of string | |
| protocol_parser_paths | Protocol parser paths List of protocol parsers that could be referred by VSDataScriptSet objects. It is a reference to an object of type ProtocolParser. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of string | |
| rate_limiters | Rate limiters The Rate Limit definitions needed for this DataScript. The name is composed of the Virtual Service name and the DataScript name. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRateLimiter | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBVSDataScriptSet | string | |
| string_group_paths | String group paths path of String Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type StringGroup. |
array of string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBVSDataScriptSetApiResponse (schema)
VSDataScriptSetApiResponse
VSDataScriptSetApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of VSDataScriptSet Array of VSDataScriptSet |
array of ALBVSDataScriptSet | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBVSDataScripts (schema)
VSDataScripts
Advanced load balancer VSDataScripts object
| Name | Description | Type | Notes |
|---|---|---|---|
| index | Index Index of the virtual service datascript collection. |
integer | Required |
| vs_datascript_set_path | Vs datascript set path path of the virtual service datascript collection. It is a reference to an object of type VSDataScriptSet. |
string | Required |
ALBVip (schema)
Vip
Advanced load balancer Vip object
| Name | Description | Type | Notes |
|---|---|---|---|
| auto_allocate_floating_ip | Auto allocate floating ip Auto-allocate floating/elastic IP from the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| auto_allocate_ip | Auto allocate ip Auto-allocate VIP from the provided subnet. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| auto_allocate_ip_type | Auto allocate ip type Specifies whether to auto-allocate only a V4 address, only a V6 address, or one of each type. Enum options - V4_ONLY, V6_ONLY, V4_V6. Allowed in Basic(Allowed values- V4_ONLY) edition, Essentials(Allowed values- V4_ONLY) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as V4_ONLY. |
ALBIpAddressVersions | Default: "V4_ONLY" |
| availability_zone | Availability zone Availability-zone to place the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| avi_allocated_fip | Avi allocated fip (internal-use) FIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| avi_allocated_vip | Avi allocated vip (internal-use) VIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| discovered_networks | Discovered networks Discovered networks providing reachability for client facing Vip IP. |
array of ALBDiscoveredNetwork | |
| enabled | Enabled Enable or disable the Vip. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| floating_ip | Floating ip Floating IPv4 to associate with this Vip. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBIpAddr | |
| floating_ip6 | Floating ip6 Floating IPv6 address to associate with this Vip. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBIpAddr | |
| floating_subnet6_uuid | Floating subnet6 uuid If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IPv6 address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| floating_subnet_uuid | Floating subnet uuid If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IP address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| ip6_address | Ip6 address IPv6 Address of the Vip. |
ALBIpAddr | |
| ip_address | Ip address IPv4 Address of the VIP. |
ALBIpAddr | |
| ipam_network_subnet | Ipam network subnet Subnet and/or Network for allocating VirtualService IP by IPAM Provider module. |
ALBIPNetworkSubnet | |
| network_name | Network name Manually override the network on which the Vip is placed. It is a reference to an object of type Network. |
string | |
| placement_networks | Placement networks Placement networks/subnets to use for vip placement. Maximum of 10 items allowed. |
array of ALBVipPlacementNetwork | |
| port_uuid | Port uuid (internal-use) Network port assigned to the Vip IP address. |
string | |
| prefix_length | Prefix length Mask applied for the Vip, non-default mask supported only for wildcard Vip. Allowed values are 0-32. Allowed in Basic(Allowed values- 32) edition, Essentials(Allowed values- 32) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 32. |
integer | Minimum: 0 Maximum: 32 Default: "32" |
| subnet | Subnet Subnet providing reachability for client facing Vip IP. |
ALBIpAddrPrefix | |
| subnet6 | Subnet6 Subnet providing reachability for client facing Vip IPv6. Allowed in Essentials edition, Enterprise edition. |
ALBIpAddrPrefix | |
| subnet6_uuid | Subnet6 uuid If auto_allocate_ip is True, then the subnet for the Vip IPv6 address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected. Allowed in Essentials edition, Enterprise edition. |
string | |
| subnet_uuid | Subnet uuid If auto_allocate_ip is True, then the subnet for the Vip IP address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected. |
string | |
| vip_id | Vip id Unique ID associated with the vip. |
string | Required |
ALBVipPlacementNetwork (schema)
VipPlacementNetwork
Advanced load balancer VipPlacementNetwork object
| Name | Description | Type | Notes |
|---|---|---|---|
| network_name | Network name Network to use for vip placement. It is a reference to an object of type Network. |
string | |
| subnet | Subnet IPv4 Subnet to use for vip placement. |
ALBIpAddrPrefix | |
| subnet6 | Subnet6 IPv6 subnet to use for vip placement. |
ALBIpAddrPrefix |
ALBVirtualService (schema)
VirtualService
Advanced load balancer VirtualService object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| active_standby_se_tag | Active standby se tag This configuration only applies if the VirtualService is in Legacy Active Standby HA mode and Load Distribution among Active Standby is enabled. This field is used to tag the VirtualService so that VirtualServices with the same tag will share the same Active ServiceEngine. VirtualServices with different tags will have different Active ServiceEngines. If one of the ServiceEngine's in the ServiceEngineGroup fails, all VirtualServices will end up using the same Active ServiceEngine. Redistribution of the VirtualServices can be either manual or automated when the failed ServiceEngine recovers. Redistribution is based on the auto redistribute property of the ServiceEngineGroup. Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2. Default value when not specified in API or module is interpreted by ALB Controller as ACTIVE_STANDBY_SE_1. |
ALBActiveStandbySeTag | Default: "ACTIVE_STANDBY_SE_1" |
| advertise_down_vs | Advertise down vs Keep advertising Virtual Service via BGP even if it is marked down by health monitor. This setting takes effect for future Virtual Service flaps. To advertise current VSes that are down, please disable and re-enable the Virtual Service. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| allow_invalid_client_cert | Allow invalid client cert Process request even if invalid client certificate is presented. Datascript APIs need to be used for processing of such requests. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| analytics_policy | Analytics policy Determines analytics settings for the application. |
ALBAnalyticsPolicy | |
| analytics_profile_path | Analytics profile path Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile. |
string | |
| apic_contract_graph | Apic contract graph The name of the Contract/Graph associated with the Virtual Service. Should be in the This is applicable only for Service Integration mode with Cisco APIC Controller. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| application_profile_path | Application profile path Enable application layer specific features for the Virtual Service. It is a reference to an object of type ApplicationProfile. Special default for Essentials edition is System-L4-Application. |
string | |
| azure_availability_set | Azure availability set (internal-use)Applicable for Azure only. Azure Availability set to which this VS is associated. Internally set by the cloud connector. |
string | |
| bgp_peer_labels | Bgp peer labels Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed. |
array of string | |
| bulk_sync_kvcache | Bulk sync kvcache (This is a beta feature). Sync Key-Value cache to the new SEs when VS is scaled out. For ex SSL sessions are stored using VS's Key-Value cache. When the VS is scaled out, the SSL session information is synced to the new SE, allowing existing SSL sessions to be reused on the new SE. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| client_auth | Client auth HTTP authentication configuration for protected resources. |
ALBHTTPClientAuthenticationParams | |
| close_client_conn_on_config_update | Close client conn on config update close client connection on vs config update. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| cloud_config_cksum | Cloud config cksum Checksum of cloud configuration for VS. Internally set by cloud connector. |
string | |
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| cloud_type | Cloud type Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT. Allowed in Basic(Allowed values- CLOUD_NONE,CLOUD_NSXT) edition, Essentials(Allowed values- CLOUD_NONE,CLOUD_VCENTER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CLOUD_NONE. |
ALBCloudType | Default: "CLOUD_NONE" |
| connections_rate_limit | Connections rate limit Rate limit the incoming connections to this virtual service. |
ALBRateProfile | |
| content_rewrite | Content rewrite Profile used to match and rewrite strings in request and/or response body. |
ALBContentRewriteProfile | |
| created_by | Created by Creator name. |
string | |
| delay_fairness | Delay fairness Select the algorithm for QoS fairness. This determines how multiple Virtual Services sharing the same Service Engines will prioritize traffic over a congested network. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_info | Dns info Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Note that only one of fqdn and dns_info setting is allowed. Maximum of 1000 items allowed. |
array of ALBDnsInfo | |
| dns_policies | Dns policies DNS Policies applied on the dns traffic of the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBDnsPolicies | |
| east_west_placement | East west placement Force placement on all SE's in service group (Mesos mode only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_autogw | Enable autogw Response traffic to clients will be sent back to the source MAC address of the connection, rather than statically sent to a default gateway. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_rhi | Enable rhi Enable Route Health Injection using the BGP Config in the vrf context. |
boolean | |
| enable_rhi_snat | Enable rhi snat Enable Route Health Injection for Source NAT'ted floating IP Address using the BGP Config in the vrf context. |
boolean | |
| enabled | Enabled Enable or disable the Virtual Service. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| error_page_profile_path | Error page profile path Error Page Profile to be used for this virtualservice.This profile is used to send the custom error page to the client generated by the proxy. It is a reference to an object of type ErrorPageProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| flow_dist | Flow dist Criteria for flow distribution among SEs. Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT. Allowed in Basic(Allowed values- LOAD_AWARE) edition, Essentials(Allowed values- LOAD_AWARE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LOAD_AWARE. |
ALBSeFlowDist | Default: "LOAD_AWARE" |
| flow_label_type | Flow label type Criteria for flow labelling. Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL. Default value when not specified in API or module is interpreted by ALB Controller as NO_LABEL. |
ALBFlowLabelType | Default: "NO_LABEL" |
| fqdn | Fqdn DNS resolvable, fully qualified domain name of the virtualservice. Only one of 'fqdn' and 'dns_info' configuration is allowed. |
string | |
| group_paths | Group paths A list of NSX Groups representing the Clients which can access the Virtual IP of the Virtual Service. |
array of string | |
| host_name_xlate | Host name xlate Translate the host name sent to the servers to this value. Translate the host name sent from servers back to the value used by the client. |
string | |
| http_policies | Http policies HTTP Policies applied on the data traffic of the Virtual Service. |
array of ALBHTTPPolicies | |
| id | Unique identifier of this resource | string | Sortable |
| ign_pool_net_reach | Ign pool net reach Ignore Pool servers network reachability constraints for Virtual Service placement. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| l4_policies | L4 policies L4 Policies applied to the data traffic of the Virtual Service. |
array of ALBL4Policies | |
| limit_doser | Limit doser Limit potential DoS attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| max_cps_per_client | Max cps per client Maximum connections per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1000 Default: "0" |
| min_pools_up | Min pools up Minimum number of UP pools to mark VS up. |
integer | |
| network_profile_path | Network profile path Determines network settings such as protocol, TCP or UDP, and related options for the protocol. It is a reference to an object of type NetworkProfile. Special default for Essentials edition is System-TCP-Fast-Path. |
string | |
| network_security_policy_path | Network security policy path Network security policies for the Virtual Service. It is a reference to an object of type NetworkSecurityPolicy. |
string | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| performance_limits | Performance limits Optional settings that determine performance limits like max connections or bandwdith etc. |
ALBPerformanceLimits | |
| pool_group_path | Pool group path The pool group is an object that contains pools. It is a reference to an object of type PoolGroup. |
string | |
| pool_path | Pool path The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type Pool. |
string | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remove_listening_port_on_vs_down | Remove listening port on vs down Remove listening port if VirtualService is down. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| requests_rate_limit | Requests rate limit Rate limit the incoming requests to this virtual service. |
ALBRateProfile | |
| resource_type | Must be set to the value ALBVirtualService | string | |
| saml_sp_config | Saml sp config Application-specific SAML config. Allowed in Basic edition, Essentials edition, Enterprise edition. |
ALBSAMLSPConfig | |
| se_group_name | Se group name The Service Engine Group to use for this Virtual Service. Moving to a new SE Group is disruptive to existing connections for this VS. It is a reference to an object of type ServiceEngineGroup. |
string | |
| security_policy_path | Security policy path Security policy applied on the traffic of the Virtual Service. This policy is used to perform security actions such as Distributed Denial of Service (DDoS) attack mitigation, etc. It is a reference to an object of type SecurityPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| server_network_profile_path | Server network profile path Determines the network settings profile for the server side of TCP proxied connections. Leave blank to use the same settings as the client to VS side of the connection. It is a reference to an object of type NetworkProfile. |
string | |
| service_metadata | Service metadata Metadata pertaining to the Service provided by this virtual service. In Openshift/Kubernetes environments, egress pod info is stored. Any user input to this field will be overwritten by Avi Vantage. |
string | |
| service_pool_select | Service pool select Select pool based on destination port. |
array of ALBServicePoolSelector | |
| services | Services List of Services defined for this Virtual Service. Maximum of 2048 items allowed. |
array of ALBService | |
| sideband_profile | Sideband profile Sideband configuration to be used for this virtualservice.It can be used for sending traffic to sideband VIPs for external inspection etc. |
ALBSidebandProfile | |
| snat_ip | Snat ip NAT'ted floating source IP Address(es) for upstream connection to servers. Maximum of 32 items allowed. |
array of ALBIpAddr | |
| sp_pool_paths | Sp pool paths GSLB pools used to manage site-persistence functionality. Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the GSLB manager. This is a read-only field for the user. It is a reference to an object of type Pool. |
array of string | |
| ssl_key_and_certificate_paths | Ssl key and certificate paths Select or create one or two certificates, EC and/or RSA, that will be presented to SSL/TLS terminated connections. It is a reference to an object of type SSLKeyAndCertificate. |
array of string | |
| ssl_profile_path | Ssl profile path Determines the set of SSL versions and ciphers to accept for SSL/TLS terminated connections. It is a reference to an object of type SSLProfile. |
string | |
| ssl_profile_selectors | Ssl profile selectors Select SSL Profile based on client IP address match. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBSSLProfileSelector | |
| ssl_sess_cache_avg_size | Ssl sess cache avg size Expected number of SSL session cache entries (may be exceeded). Allowed values are 1024-16383. Default value when not specified in API or module is interpreted by ALB Controller as 1024. |
integer | Minimum: 1024 Maximum: 16383 Default: "1024" |
| sso_policy_path | Sso policy path The SSO Policy attached to the virtualservice. It is a reference to an object of type SSOPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| static_dns_records | Static dns records List of static DNS records applied to this Virtual Service. These are static entries and no health monitoring is performed against the IP addresses. Maximum of 1000 items allowed. |
array of ALBDnsRecord | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| topology_policies | Topology policies Topology Policies applied on the dns traffic of the Virtual Service based onGSLB Topology algorithm. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBDnsPolicies | |
| traffic_clone_profile_path | Traffic clone profile path Server network or list of servers for cloning traffic. It is a reference to an object of type TrafficCloneProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| traffic_enabled | Traffic enabled Knob to enable the Virtual Service traffic on its assigned service engines. This setting is effective only when the enabled flag is set to True. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| type | Type Specify if this is a normal Virtual Service, or if it is the parent or child of an SNI-enabled virtual hosted Virtual Service. Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD. Allowed in Basic(Allowed values- VS_TYPE_NORMAL,VS_TYPE_VH_PARENT) edition, Essentials(Allowed values- VS_TYPE_NORMAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as VS_TYPE_NORMAL. |
ALBVirtualServiceType | Default: "VS_TYPE_NORMAL" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| use_bridge_ip_as_vip | Use bridge ip as vip Use Bridge IP as VIP on each Host in Mesos deployments. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| use_vip_as_snat | Use vip as snat Use the Virtual IP as the SNAT IP for health monitoring and sending traffic to the backend servers instead of the Service Engine interface IP. The caveat of enabling this option is that the VirtualService cannot be configured in an Active-Active HA mode. DNS based Multi VIP solution has to be used for HA & Non-disruptive Upgrade purposes. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| vh_domain_name | Vh domain name The exact name requested from the client's SNI-enabled TLS hello domain name field. If this is a match, the parent VS will forward the connection to this child VS. |
array of string | |
| vh_parent_vs_uuid | Vh parent vs uuid Specifies the Virtual Service acting as Virtual Hosting (SNI) parent. |
string | |
| vip | Vip List of Virtual Service IPs. While creating a 'Shared VS',please use vsvip_ref to point to the shared entities. |
array of ALBVip | |
| vrf_context_name | Vrf context name Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext. |
string | |
| vs_datascripts | Vs datascripts Datascripts applied on the data traffic of the Virtual Service. |
array of ALBVSDataScripts | |
| vsvip_path | Vsvip path Mostly used during the creation of Shared VS, this field refers to entities that can be shared across Virtual Services. It is a reference to an object of type VsVip. |
string | |
| waf_policy_path | Waf policy path WAF policy for the Virtual Service. It is a reference to an object of type WafPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. |
string | |
| weight | Weight The Quality of Service weight to assign to traffic transmitted from this Virtual Service. A higher weight will prioritize traffic versus other Virtual Services sharing the same Service Engines. Allowed values are 1-128. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1. |
integer | Minimum: 1 Maximum: 128 Default: "1" |
ALBVirtualServiceApiResponse (schema)
VirtualServiceApiResponse
VirtualServiceApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of VirtualService Array of VirtualService |
array of ALBVirtualService | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBVirtualServiceType (schema)
VirtualServiceType type
Valid ENUM values for ALBVirtualServiceType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBVirtualServiceType | VirtualServiceType type Valid ENUM values for ALBVirtualServiceType |
string | Enum: VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD |
ALBVsVip (schema)
VsVip
Advanced load balancer VsVip object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bgp_peer_labels | Bgp peer labels Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed. |
array of string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cloud_name | Cloud name It is a reference to an object of type Cloud. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_info | Dns info Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Maximum of 1000 items allowed. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBDnsInfo | |
| east_west_placement | East west placement Force placement on all Service Engines in the Service Engine Group (Container clouds only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBVsVip | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tier1_path | Tier1 path This sets the placement scope of virtualservice to given tier1 logical router in Nsx-t. |
string | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| use_standard_alb | Use standard alb This overrides the cloud level default and needs to match the SE Group value in which it will be used if the SE Group use_standard_alb value is set. This is only used when FIP is used for VS on Azure Cloud. Allowed in Basic edition, Essentials edition, Enterprise edition. |
boolean | |
| vip | Vip List of Virtual Service IPs and other shareable entities. |
array of ALBVip | |
| vrf_context_name | Vrf context name Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext. |
string | |
| vsvip_cloud_config_cksum | Vsvip cloud config cksum Checksum of cloud configuration for VsVip. Internally set by cloud connector. |
string |
ALBVsVipApiResponse (schema)
VsVipApiResponse
VsVipApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of VsVip Array of VsVip |
array of ALBVsVip | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBWafAction (schema)
WafAction type
Valid ENUM values for ALBWafAction
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafAction | WafAction type Valid ENUM values for ALBWafAction |
string | Enum: WAF_ACTION_NO_OP, WAF_ACTION_BLOCK, WAF_ACTION_ALLOW_PARAMETER |
ALBWafApplicationSignatures (schema)
WafApplicationSignatures
Advanced load balancer WafApplicationSignatures object
| Name | Description | Type | Notes |
|---|---|---|---|
| rule_overrides | Rule overrides Override attributes of application signature rules. |
array of ALBWafRuleOverrides | |
| ruleset_version | Ruleset version The version in use of the provided ruleset. |
string | |
| selected_applications | Selected applications List of applications for which we use the rules from the WafApplicationSignatureProvider. Maximum of 8 items allowed. |
array of string |
ALBWafCRS (schema)
WafCRS
Advanced load balancer WafCRS object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| groups | Groups WAF Rules are sorted in groups based on their characterization. Maximum of 64 items allowed. |
array of ALBWafRuleGroup | |
| id | Unique identifier of this resource | string | Sortable |
| integrity | Integrity Integrity protection value. |
string | Required |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| release_date | Release date The release date of this version in RFC 3339 / ISO 8601 format. |
string | Required |
| resource_type | Must be set to the value ALBWafCRS | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| version | Version The version of this ruleset object. |
string | Required |
ALBWafCRSApiResponse (schema)
WafCRSApiResponse
WafCRSApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of WafCRS Array of WafCRS |
array of ALBWafCRS | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBWafConfig (schema)
WafConfig
Advanced load balancer WafConfig object
| Name | Description | Type | Notes |
|---|---|---|---|
| allowed_http_versions | Allowed http versions WAF allowed HTTP Versions. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Maximum of 8 items allowed. |
array of ALBHTTPVersion | |
| allowed_methods | Allowed methods WAF allowed HTTP methods. Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. |
array of ALBHTTPMethod | |
| allowed_request_content_types | Allowed request content types WAF allowed Content Types. Maximum of 64 items allowed. |
array of string | |
| argument_separator | Argument separator Argument seperator. Default value when not specified in API or module is interpreted by ALB Controller as &. |
string | Default: "&" |
| client_request_max_body_size | Client request max body size Maximum size for the client request body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 32. |
integer | Minimum: 1 Maximum: 32768 Default: "32" |
| cookie_format_version | Cookie format version 0 For Netscape Cookies. 1 For version 1 cookies. Allowed values are 0-1. Default value when not specified in API or module is interpreted by ALB Controller as 0. |
integer | Minimum: 0 Maximum: 1 Default: "0" |
| ignore_incomplete_request_body_error | Ignore incomplete request body error Ignore request body parsing errors due to partial scanning. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| max_execution_time | Max execution time The maximum period of time WAF processing is allowed to take for a single request. A value of 0 (zero) means no limit and should not be chosen in production deployments. It is only used for exceptional situations where crashes of se_dp processes are acceptable. The behavior of the system if this time is exceeded depends on two other configuration settings, the WAF policy mode and the WAF failure mode. In WAF policy mode 'Detection', the request is allowed and flagged for both failure mode 'Closed' and 'Open'. In enforcement node, 'Closed' means the request is rejected, 'Open' means the request is allowed and flagged. Irrespective of these settings, no subsequent WAF rules of this or other phases will be executed once the maximum execution time has been exceeded. Allowed values are 0-5000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 50. |
integer | Minimum: 0 Maximum: 5000 Default: "50" |
| regex_match_limit | Regex match limit Limit CPU utilization for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 30000. |
integer | Default: "30000" |
| regex_recursion_limit | Regex recursion limit Limit depth of recursion for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 10000. |
integer | Default: "10000" |
| request_body_default_action | Request body default action WAF default action for Request Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:2,deny,status:403,log,auditlog. |
string | Default: "phase:2,deny,status:403,log,auditlog" |
| request_hdr_default_action | Request hdr default action WAF default action for Request Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:1,deny,status:403,log,auditlog. |
string | Default: "phase:1,deny,status:403,log,auditlog" |
| response_body_default_action | Response body default action WAF default action for Response Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:4,deny,status:403,log,auditlog. |
string | Default: "phase:4,deny,status:403,log,auditlog" |
| response_hdr_default_action | Response hdr default action WAF default action for Response Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:3,deny,status:403,log,auditlog. |
string | Default: "phase:3,deny,status:403,log,auditlog" |
| restricted_extensions | Restricted extensions WAF Restricted File Extensions. Maximum of 256 items allowed. |
array of string | |
| restricted_headers | Restricted headers WAF Restricted HTTP Headers. Maximum of 64 items allowed. |
array of string | |
| server_response_max_body_size | Server response max body size Maximum size for response body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 128. |
integer | Minimum: 1 Maximum: 32768 Default: "128" |
| static_extensions | Static extensions WAF Static File Extensions. GET and HEAD requests with no query args and one of these extensions are allowed and not checked by the ruleset. Maximum of 64 items allowed. |
array of string | |
| status_code_for_rejected_requests | Status code for rejected requests HTTP status code used by WAF Positive Security Model when rejecting a request. Enum options - HTTP_RESPONSE_CODE_0, HTTP_RESPONSE_CODE_100, HTTP_RESPONSE_CODE_101, HTTP_RESPONSE_CODE_200, HTTP_RESPONSE_CODE_201, HTTP_RESPONSE_CODE_202, HTTP_RESPONSE_CODE_203, HTTP_RESPONSE_CODE_204, HTTP_RESPONSE_CODE_205, HTTP_RESPONSE_CODE_206, HTTP_RESPONSE_CODE_300, HTTP_RESPONSE_CODE_301, HTTP_RESPONSE_CODE_302, HTTP_RESPONSE_CODE_303, HTTP_RESPONSE_CODE_304, HTTP_RESPONSE_CODE_305, HTTP_RESPONSE_CODE_307, HTTP_RESPONSE_CODE_400, HTTP_RESPONSE_CODE_401, HTTP_RESPONSE_CODE_402... Default value when not specified in API or module is interpreted by ALB Controller as HTTP_RESPONSE_CODE_403. |
ALBHTTPResponseCodes | Default: "HTTP_RESPONSE_CODE_403" |
| xml_xxe_protection | Xml xxe protection Block or flag XML requests referring to External Entities. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
ALBWafDataFile (schema)
WafDataFile
Advanced load balancer WafDataFile object
| Name | Description | Type | Notes |
|---|---|---|---|
| data | Data Stringified WAF File Data. |
string | Required |
| name | Name WAF Data File Name. |
string | Required |
| type | Type WAF data file type. Enum options - WAF_DATAFILE_PM_FROM_FILE, WAF_DATAFILE_DTD, WAF_DATAFILE_XSD. Default value when not specified in API or module is interpreted by ALB Controller as WAF_DATAFILE_PM_FROM_FILE. |
ALBWafDataFileType | Default: "WAF_DATAFILE_PM_FROM_FILE" |
ALBWafDataFileType (schema)
WafDataFileType type
Valid ENUM values for ALBWafDataFileType
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafDataFileType | WafDataFileType type Valid ENUM values for ALBWafDataFileType |
string | Enum: WAF_DATAFILE_PM_FROM_FILE, WAF_DATAFILE_DTD, WAF_DATAFILE_XSD |
ALBWafExcludeListEntry (schema)
WafExcludeListEntry
Advanced load balancer WafExcludeListEntry object
| Name | Description | Type | Notes |
|---|---|---|---|
| client_subnet | Client subnet Client IP Subnet to exclude for WAF rules. |
ALBIpAddrPrefix | |
| description | Description Free-text comment about this exclusion. |
string | |
| match_element | Match element The match_element can be 'ARGS xxx', 'ARGS_GET xxx', 'ARGS_POST xxx', 'ARGS_NAMES xxx', 'FILES xxx', 'QUERY_STRING', 'REQUEST_BASENAME', 'REQUEST_BODY', 'REQUEST_URI', 'REQUEST_URI_RAW', 'REQUEST_COOKIES xxx', 'REQUEST_HEADERS xxx' or 'RESPONSE_HEADERS xxx'. These match_elements in the HTTP Transaction (if present) will be excluded when executing WAF Rules. |
string | |
| match_element_criteria | Match element criteria Criteria for match_element matching. |
ALBWafExclusionType | |
| uri_match_criteria | Uri match criteria Criteria for URI matching. |
ALBWafExclusionType | |
| uri_path | Uri path URI Path to exclude for WAF rules. |
string |
ALBWafExclusionType (schema)
WafExclusionType
Advanced load balancer WafExclusionType object
| Name | Description | Type | Notes |
|---|---|---|---|
| match_case | Match case Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as SENSITIVE. |
ALBMatchCase | Default: "SENSITIVE" |
| match_op | Match op String Operation to use for matching the Exclusion. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Default value when not specified in API or module is interpreted by ALB Controller as EQUALS. |
ALBStringOperation | Default: "EQUALS" |
ALBWafFailureMode (schema)
WafFailureMode type
Valid ENUM values for ALBWafFailureMode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafFailureMode | WafFailureMode type Valid ENUM values for ALBWafFailureMode |
string | Enum: WAF_FAILURE_MODE_OPEN, WAF_FAILURE_MODE_CLOSED |
ALBWafMode (schema)
WafMode type
Valid ENUM values for ALBWafMode
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafMode | WafMode type Valid ENUM values for ALBWafMode |
string | Enum: WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT |
ALBWafPSMLocation (schema)
WafPSMLocation
Advanced load balancer WafPSMLocation object
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description Free-text comment about this location. |
string | |
| index | Index Location index, this is used to determine the order of the locations. |
integer | Required |
| match | Match Apply these rules only if the request is matching this description. |
ALBWafPSMLocationMatch | |
| name | Name User defined name for this location, it must be unique in the group. |
string | Required |
| rules | Rules A list of rules which should be applied on this location. Maximum of 1024 items allowed. |
array of ALBWafPSMRule |
ALBWafPSMLocationMatch (schema)
WafPSMLocationMatch
Advanced load balancer WafPSMLocationMatch object
| Name | Description | Type | Notes |
|---|---|---|---|
| host | Host Apply the rules only to requests that match the specified Host header. If this is not set, the host header will not be checked. |
ALBHostHdrMatch | |
| methods | Methods Apply the rules only to requests that have the specified methods. If this is not set, the method will not be checked. |
ALBMethodMatch | |
| path | Path Apply the rules only to requests that match the specified URI. If this is not set, the path will not be checked. |
ALBPathMatch |
ALBWafPSMMatchElement (schema)
WafPSMMatchElement
Advanced load balancer WafPSMMatchElement object
| Name | Description | Type | Notes |
|---|---|---|---|
| excluded | Excluded Mark this element excluded, like in '!ARGS password'. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| index | Index Match_element index. |
integer | Required |
| name | Name The variable specification. For example ARGS or REQUEST_COOKIES. This can be a scalar like PATH_INFO. Enum options - WAF_VARIABLE_ARGS, WAF_VARIABLE_ARGS_GET, WAF_VARIABLE_ARGS_POST, WAF_VARIABLE_ARGS_NAMES, WAF_VARIABLE_REQUEST_COOKIES, WAF_VARIABLE_QUERY_STRING, WAF_VARIABLE_REQUEST_BASENAME, WAF_VARIABLE_REQUEST_URI, WAF_VARIABLE_PATH_INFO. |
ALBWafVariable | Required |
| sub_element | Sub element The name of the request collection element. This can be empty, if we address the whole collection or a scalar element. |
string |
ALBWafPSMRule (schema)
WafPSMRule
Advanced load balancer WafPSMRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description Free-text comment about this rule. |
string | |
| enable | Enable Enable or disable this rule. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| index | Index Rule index, this is used to determine the order of the rules. |
integer | Required |
| match_case | Match case The field match_value_pattern regular expression is case sensitive. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. |
ALBMatchCase | Default: "INSENSITIVE" |
| match_elements | Match elements The match elements, for example ARGS id or ARGS|!ARGS password. Maximum of 64 items allowed. |
array of ALBWafPSMMatchElement | |
| match_value_max_length | Match value max length The maximum allowed length of the match_value. If this is not set, the length will not be checked. |
integer | |
| match_value_pattern | Match value pattern A regular expression which describes the expected value. |
string | |
| mode | Mode WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. |
ALBWafMode | |
| name | Name Name of the rule. |
string | Required |
| paranoia_level | Paranoia level WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW. |
ALBWafParanoiaLevel | Default: "WAF_PARANOIA_LEVEL_LOW" |
| rule_id | Rule id Id field which is used for log and metric generation. This id must be unique for all rules in this group. |
string | Required |
ALBWafParanoiaLevel (schema)
WafParanoiaLevel type
Valid ENUM values for ALBWafParanoiaLevel
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafParanoiaLevel | WafParanoiaLevel type Valid ENUM values for ALBWafParanoiaLevel |
string | Enum: WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME |
ALBWafPhase (schema)
WafPhase type
Valid ENUM values for ALBWafPhase
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafPhase | WafPhase type Valid ENUM values for ALBWafPhase |
string | Enum: WAF_PHASE_CONNECTION, WAF_PHASE_REQUEST_HEADER, WAF_PHASE_REQUEST_BODY, WAF_PHASE_RESPONSE_HEADER, WAF_PHASE_RESPONSE_BODY, WAF_PHASE_LOGGING |
ALBWafPolicy (schema)
WafPolicy
Advanced load balancer WafPolicy object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allow_mode_delegation | Allow mode delegation Allow Rules to overwrite the policy mode. This must be set if the policy mode is set to enforcement. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| application_signatures | Application signatures Application Specific Signatures. |
ALBWafApplicationSignatures | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| confidence_override | Confidence override Configure thresholds for confidence labels. |
ALBAppLearningConfidenceOverride | |
| created_by | Created by Creator name. |
string | |
| crs_overrides | Crs overrides Override attributes for CRS rules. |
array of ALBWafRuleGroupOverrides | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_app_learning | Enable app learning Enable Application Learning for this WAF policy. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| enable_auto_rule_updates | Enable auto rule updates Enable Application Learning based rule updates on the WAF Profile. Rules will be programmed in dedicated WAF learning group. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| failure_mode | Failure mode WAF Policy failure mode. This can be 'Open' or 'Closed'. Enum options - WAF_FAILURE_MODE_OPEN, WAF_FAILURE_MODE_CLOSED. Default value when not specified in API or module is interpreted by ALB Controller as WAF_FAILURE_MODE_OPEN. |
ALBWafFailureMode | Default: "WAF_FAILURE_MODE_OPEN" |
| id | Unique identifier of this resource | string | Sortable |
| learning_params | Learning params Parameters for tuning Application learning. |
ALBAppLearningParams | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| min_confidence | Min confidence Minimum confidence label required for auto rule updates. Enum options - CONFIDENCE_VERY_HIGH, CONFIDENCE_HIGH, CONFIDENCE_PROBABLE, CONFIDENCE_LOW, CONFIDENCE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as CONFIDENCE_VERY_HIGH. |
ALBAppLearningConfidenceLabel | Default: "CONFIDENCE_VERY_HIGH" |
| mode | Mode WAF Policy mode. This can be detection or enforcement. It can be overwritten by rules if allow_mode_delegation is set. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Default value when not specified in API or module is interpreted by ALB Controller as WAF_MODE_DETECTION_ONLY. |
ALBWafMode | Default: "WAF_MODE_DETECTION_ONLY" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| paranoia_level | Paranoia level WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW. |
ALBWafParanoiaLevel | Default: "WAF_PARANOIA_LEVEL_LOW" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| positive_security_model | Positive security model The Positive Security Model. This is used to describe how the request or parts of the request should look like. It is executed in the Request Body Phase of Avi WAF. |
ALBWafPositiveSecurityModel | |
| post_crs_groups | Post crs groups WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the CRS groups. |
array of ALBWafRuleGroup | |
| pre_crs_groups | Pre crs groups WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the CRS groups. |
array of ALBWafRuleGroup | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBWafPolicy | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| waf_crs_path | Waf crs path WAF core ruleset used for the CRS part of this Policy. It is a reference to an object of type WafCRS. |
string | |
| waf_profile_path | Waf profile path WAF Profile for WAF policy. It is a reference to an object of type WafProfile. |
string | Required |
ALBWafPolicyApiResponse (schema)
WafPolicyApiResponse
WafPolicyApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of WafPolicy Array of WafPolicy |
array of ALBWafPolicy | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBWafPolicyPSMGroup (schema)
WafPolicyPSMGroup
Advanced load balancer WafPolicyPSMGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable | Enable Enable or disable this WAF rule group. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| hit_action | Hit action If a rule in this group matches the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_ALLOW_PARAMETER. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_ALLOW_PARAMETER. |
ALBWafAction | Default: "WAF_ACTION_ALLOW_PARAMETER" |
| id | Unique identifier of this resource | string | Sortable |
| is_learning_group | Is learning group This field indicates that this group is used for learning. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| locations | Locations Positive Security Model locations. These are used to partition the application name space. Maximum of 16384 items allowed. |
array of ALBWafPSMLocation | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| miss_action | Miss action If a rule in this group does not match the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_BLOCK. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_NO_OP. |
ALBWafAction | Default: "WAF_ACTION_NO_OP" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBWafPolicyPSMGroup | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBWafPolicyPSMGroupApiResponse (schema)
WafPolicyPSMGroupApiResponse
WafPolicyPSMGroupApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of WafPolicyPSMGroup Array of WafPolicyPSMGroup |
array of ALBWafPolicyPSMGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBWafPositiveSecurityModel (schema)
WafPositiveSecurityModel
Advanced load balancer WafPositiveSecurityModel object
| Name | Description | Type | Notes |
|---|---|---|---|
| group_paths | Group paths These groups should be used to separate different levels of concern. The order of the groups matters, one group may mark parts of the request as valid, so that subsequent groups will not check these parts. It is a reference to an object of type WafPolicyPSMGroup. Maximum of 64 items allowed. |
array of string |
ALBWafProfile (schema)
WafProfile
Advanced load balancer WafProfile object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| config | Config Config params for WAF. |
ALBWafConfig | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| files | Files List of Data Files Used for WAF Rules. Maximum of 64 items allowed. |
array of ALBWafDataFile | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBWafProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ALBWafProfileApiResponse (schema)
WafProfileApiResponse
WafProfileApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of WafProfile Array of WafProfile |
array of ALBWafProfile | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBWafRule (schema)
WafRule
Advanced load balancer WafRule object
| Name | Description | Type | Notes |
|---|---|---|---|
| avi_tags | Avi tags Tags for WAF rule as per Modsec language. They are extracted from the tag actions in a Modsec rule. This field is generated from the rule itself and cannot be set by the user. Maximum of 64 items allowed. |
array of string | |
| enable | Enable Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_list | Exclude list Exclude list for the WAF rule. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed. |
array of ALBWafExcludeListEntry | |
| index | Index Number of index. |
integer | Required |
| is_sensitive | Is sensitive The rule field is sensitive and will not be displayed. Default value when not specified in API or module is interpreted by ALB Controller as false. |
boolean | Default: "False" |
| mode | Mode WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. |
ALBWafMode | |
| name | Name User-friendly optional name for a rule. |
string | |
| phase | Phase The execution phase where this rule will be executed. Enum options - WAF_PHASE_CONNECTION, WAF_PHASE_REQUEST_HEADER, WAF_PHASE_REQUEST_BODY, WAF_PHASE_RESPONSE_HEADER, WAF_PHASE_RESPONSE_BODY, WAF_PHASE_LOGGING. |
ALBWafPhase | |
| rule | Rule Rule as per Modsec language. |
string | Required |
| rule_id | Rule id Identifier (id) for a rule per Modsec language. All SecRule and SecAction directives require an id. It is extracted from the id action in a Modsec rule. Rules within a single WAF Policy are required to have unique rule_ids. |
string |
ALBWafRuleGroup (schema)
WafRuleGroup
Advanced load balancer WafRuleGroup object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable | Enable Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true. |
boolean | Default: "True" |
| exclude_list | Exclude list Exclude list for the WAF rule group. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed. |
array of ALBWafExcludeListEntry | |
| index | Index Number of index. |
integer | Required |
| name | Name Name of the object. |
string | Required |
| rules | Rules Rules as per Modsec language. Maximum of 1024 items allowed. |
array of ALBWafRule |
ALBWafRuleGroupOverrides (schema)
WafRuleGroupOverrides
Advanced load balancer WafRuleGroupOverrides object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable | Enable Override the enable flag for this group. |
boolean | |
| exclude_list | Exclude list Replace the exclude list for this group. Maximum of 64 items allowed. |
array of ALBWafExcludeListEntry | |
| mode | Mode Override the waf mode for this group. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. |
ALBWafMode | |
| name | Name The name of the group where attributes or rules are overridden. |
string | Required |
| rule_overrides | Rule overrides Rule specific overrides. Maximum of 1024 items allowed. |
array of ALBWafRuleOverrides |
ALBWafRuleOverrides (schema)
WafRuleOverrides
Advanced load balancer WafRuleOverrides object
| Name | Description | Type | Notes |
|---|---|---|---|
| enable | Enable Override the enable flag for this rule. |
boolean | |
| exclude_list | Exclude list Replace the exclude list for this rule. Maximum of 64 items allowed. |
array of ALBWafExcludeListEntry | |
| mode | Mode Override the waf mode for this rule. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. |
ALBWafMode | |
| rule_id | Rule id The rule_id of the rule where attributes are overridden. |
string | Required |
ALBWafVariable (schema)
WafVariable type
Valid ENUM values for ALBWafVariable
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafVariable | WafVariable type Valid ENUM values for ALBWafVariable |
string | Enum: WAF_VARIABLE_ARGS, WAF_VARIABLE_ARGS_GET, WAF_VARIABLE_ARGS_POST, WAF_VARIABLE_ARGS_NAMES, WAF_VARIABLE_REQUEST_COOKIES, WAF_VARIABLE_QUERY_STRING, WAF_VARIABLE_REQUEST_BASENAME, WAF_VARIABLE_REQUEST_URI, WAF_VARIABLE_PATH_INFO |
ALBWebhook (schema)
Webhook
Advanced load balancer Webhook object
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| callback_url | Callback url Callback URL for the Webhook. |
string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| markers | Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. |
array of ALBRoleFilterMatchLabel | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALBWebhook | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| verification_token | Verification token Verification token sent back with the callback asquery parameters. |
string |
ALBWebhookApiResponse (schema)
WebhookApiResponse
WebhookApiResponse
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | count count |
int | Default: "None" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Array of Webhook Array of Webhook |
array of ALBWebhook | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALGTypeNSService (schema)
An NSService element that represents an ALG protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| alg | The Application Layer Gateway (ALG) protocol The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead. |
string | Required Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP |
| destination_ports | The destination_port cannot be empty and must be a single value. | array of PortElement | Required Minimum items: 1 Maximum items: 15 |
| resource_type | Must be set to the value ALGTypeNSService | string | Required Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService |
| source_ports | Source ports | array of PortElement | Maximum items: 15 |
ALGTypeServiceEntry (schema)
An ServiceEntry that represents an ALG protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alg | The Application Layer Gateway (ALG) protocol The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead. |
string | Required Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_ports | The destination_port cannot be empty and must be a single value. | array of PortElement | Required Minimum items: 1 Maximum items: 1 |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ALGTypeServiceEntry | string | Required Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry, NestedServiceServiceEntry |
| source_ports | array of PortElement | Maximum items: 15 | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AbstractSpace (schema)
The space in which policy is being defined
Represents the space in which the policy is being defined.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| connectivity_strategy | Connectivity strategy used by this tenant The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use "allow" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added. |
string | Deprecated Enum: WHITELIST, BLACKLIST, WHITELIST_ENABLE_LOGGING, BLACKLIST_ENABLE_LOGGING, NONE |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value AbstractSpace | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AcceptableComponentVersion (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| acceptable_versions | List of component versions | array of string | Required |
| component_type | Node type | string | Required Enum: HOST, EDGE, CCP, MP |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AcceptableComponentVersion | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AcceptableComponentVersionList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| results | Acceptable version whitelist for different components | array of AcceptableComponentVersion | Required |
Action (schema)
Reaction Action
Reaction Action is the action to take when the stipulated criteria specified
in the event exist over the source. Some example actions include:
- Notify Admin (or VMC's SRE) via email.
- Populate a specific label with the IPSec VPN Session.
- Remove the IPSec VPN Session from a specific label.
This is an abstract type. Concrete child types:
PatchResources
SetFields
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Resource Type Reaction Action resource type. |
string | Required Enum: PatchResources, SetFields |
ActionRequest (schema)
Action request object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action to be performed Action required to be performed on intent |
string |
ActionableResource (schema)
Resources managed during restore process
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_address | A resource reference on which actions can be performed | string | Format: hostname-or-ip |
| resource_type | Must be set to the value ActionableResource | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ActionableResourceListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| instruction_id | Id of the instruction set whose instructions are to be returned | string | Required |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ActionableResourceListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List results | array of ActionableResource | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ActiveDirectoryIdentitySource (schema)
An Active Directory identity source service
An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alternative_domain_names | Additional domains to be directed to this identity source After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes. |
array of string | |
| base_dn | DN of subtree for user and group searches The subtree of the LDAP identity source to search when locating users and groups. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| domain_name | Authentication domain name The name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use. |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| ldap_servers | LDAP servers for this identity source The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported. |
array of IdentitySourceLdapServer | Maximum items: 3 |
| resource_type | Must be set to the value ActiveDirectoryIdentitySource | string | Required Enum: ActiveDirectoryIdentitySource, OpenLdapIdentitySource |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ActiveStandbySyncStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description of the status. | string | Required |
| full_sync_status | Status of full sync. | FullSyncStatus | Required |
| is_data_consistent | Indicates whether the data is consistent. Always returned as true when queried on an active Global Manager node. | boolean | Required |
| percentage_completed | Percentage estimate of synchronization progress. Ranges from 0 to 100. This value is only returned when queried on an active Global Manager node. | integer | |
| remaining_entries_to_send | Number of entries pending synchronization. This value is only returned when queried on an active Global Manager node. | integer | |
| standby_site | Name of standby site. | string | Required |
| status | Status of synchronization between active and standby Global Manager nodes. | string | Required Enum: UNAVAILABLE, ERROR, ONGOING, NOT_STARTED |
| sync_type | Type of synchronization currently in effect between active and standby Global Manager nodes. | string | Required Enum: UNAVAILABLE, DELTA_SYNC, FULL_SYNC |
AddALBControllerNodeVMInfo (schema)
Info for AddALBControllerNodeVM
Contains a list of Advanced Load Balancer controller node VM deployment requests.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_requests | List of deployment requests Advanced Load Balancer Controller deployment requests to be deployed by NSX. |
array of ALBControllerNodeVMDeploymentRequest | Required Minimum items: 1 |
AddClusterNodeAction (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | string | Required Enum: add_cluster_node |
AddClusterNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| controller_role_config | AddControllerNodeSpec | ||
| display_name | Display name for the node | string | |
| external_id | External identifier of the node | string | |
| mgr_role_config | AddManagementNodeSpec |
AddClusterNodeVMInfo (schema)
Info for AddClusterNodeVM
Contains a list of cluster node VM deployment requests and optionally
a clustering configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_config | Configuration for auto-clustering of VMs post-deployment This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided. |
ClusteringConfig (Abstract type: pass one of the following concrete types) ClusteringConfig ControlClusteringConfig |
Deprecated |
| deployment_requests | List of deployment requests Cluster node VM deployment requests to be deployed by the Manager. |
array of ClusterNodeVMDeploymentRequest | Required Minimum items: 1 |
AddControllerNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_params | Clustering parameters for the node The details of the controller node required for cluster initialization or joining to an existing cluster. If this property is set, the node will be added to an existing cluster or used to create a new cluster. Otherwise no clustering operation/s will be performed. |
ClusteringInfo | |
| control_plane_server_certificate | Deprecated. Do not supply a value for this property. | string | Deprecated |
| host_msg_client_info | MsgClientInfo | Required | |
| mpa_msg_client_info | MsgClientInfo | Required | |
| node_id | Internal identifier of the node Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id. |
string | |
| type | must be set to AddControllerNodeSpec | string | Required Enum: AddControllerNodeSpec |
AddIntelligenceClusterNodeVMInfo (schema)
Info for AddIntelligenceClusterNodeVM
Contains a list of NSX-Intelligence cluster node VM deployment requests and optionally
a clustering configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_requests | List of deployment requests Intelligence Cluster node VM deployment requests to be deployed by NSX. |
array of IntelligenceClusterNodeVMDeploymentRequest | Required Minimum items: 1 |
AddManagementNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cert_thumbprint | The certificate thumbprint of the remote node. | string | |
| mpa_msg_client_info | MsgClientInfo | ||
| password | The password to be used to authenticate with the remote node. | string | Required |
| remote_address | The host address of the remote node to which to send this join request. | IPAddress | Required |
| type | must be set to AddManagementNodeSpec | string | Required Enum: AddManagementNodeSpec |
| user_name | The username to be used to authenticate with the remote node. | string | Required |
AdditionalSearchParameters (schema) (Experimental)
Represents search object that provides additional search capabilities
This object presents additional search capabilities over any API through free text query string. e.g. query="Web-VM-1".
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| dsl | Search DSL (domain specific language) query It's human readable and context-based query language for retreiving information from search indices. For example: Find router where ip is 10.10.1.10 |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| query | Search query | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AddressBindingEntry (schema) (Deprecated)
Combination of IP-MAC-VLAN binding
An address binding entry is a combination of the IP-MAC-VLAN binding for
a logical port. The address bindings can be obtained via various methods
like ARP snooping, DHCP snooping etc. or by user configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| binding | Combination of IP-MAC-VLAN binding | PacketAddressClassifier | |
| binding_timestamp | Timestamp of binding Timestamp at which the binding was discovered via snooping or manually specified by the user |
EpochMsTimestamp | |
| source | Address binding source Source from which the address binding entry was obtained |
AddressBindingSource | Default: "UNKNOWN" |
AddressBindingSource (schema) (Deprecated)
Source from which the address binding is obtained
| Name | Description | Type | Notes |
|---|---|---|---|
| AddressBindingSource | Source from which the address binding is obtained | string | Deprecated Enum: INVALID, UNKNOWN, USER_DEFINED, ARP_SNOOPING, DHCP_SNOOPING, VM_TOOLS, ND_SNOOPING, DHCPV6_SNOOPING, VM_TOOLS_V6 |
AddressFamilyType (schema)
Type of Address Family
| Name | Description | Type | Notes |
|---|---|---|---|
| AddressFamilyType | Type of Address Family | string | Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST, L2VPN_EVPN |
AdvanceClusterRestoreInput (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| id | Unique id of an instruction (as returned by the GET /restore/status call) for which input is to be provided | string | Required Readonly |
| resources | List of resources for which the instruction is applicable. | array of SelectableResourceReference | Required |
AdvanceClusterRestoreRequest (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| data | List of instructions and their associated data | array of AdvanceClusterRestoreInput | Required |
AdvanceServiceConfig (schema)
Advanced deployment configuration
Contain optional configuration for deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| kubectl_tool | Filename of uploaded Kubernetes tools | string | Readonly |
| messaging_service_name | FQDN to access kafka messaging service pod FQDN to access kafka messaging service pod. |
string | |
| service_name | FQDN to access deployment pod FQDN to access deployment pod. |
string |
AdvertiseRule (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action to ALLOW or DENY advertisement of routes ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router. |
string | Enum: DENY, ALLOW Default: "ALLOW" |
| description | Description | string | Maximum length: 1024 |
| display_name | Display name | string | Maximum length: 255 |
| networks | network(CIDR) to be routed | array of IPCIDRBlock | Required |
| rule_filter | Rule filter for the advertise rule | AdvertisementRuleFilter |
AdvertiseRuleList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| resource_type | Must be set to the value AdvertiseRuleList | string | |
| rules | List of advertisement rules | array of AdvertiseRule | Minimum items: 0 Default: "[]" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AdvertisementConfig (schema)
Advertisement config
Advertisement config for different types of
routes which need to be advertised from TIER1 logical
router to the linked TIER0 logical router
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| advertise_dns_forwarder | Advertise dns forwarder ips Flag to advertise all routes of dns forwarder listener ips and source ips |
boolean | Default: "False" |
| advertise_ipsec_local_ip | Advertise IPSec VPN local endpoint ips Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router |
boolean | Default: "False" |
| advertise_lb_snat_ip | Advertise lb SNAT ips Flag to advertise all lb SNAT ips |
boolean | Default: "False" |
| advertise_lb_vip | Advertise lb vip ips Flag to advertise lb vip ips |
boolean | Default: "False" |
| advertise_nat_routes | Advertise NAT routes Flag to advertise all routes of nat |
boolean | Default: "False" |
| advertise_nsx_connected_routes | Advertise connected routes Flag to advertise all connected routes |
boolean | Default: "False" |
| advertise_static_routes | Advertise static routes Flag to advertise all static routes |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Enable advertisement Flag to enable this configuration |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id TIER1 logical router id on which to enable this configuration |
string | Readonly |
| resource_type | Must be set to the value AdvertisementConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AdvertisementRuleFilter (schema)
To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.
| Name | Description | Type | Notes |
|---|---|---|---|
| match_route_types | Array of route types to filter routes | array of AdvertisementRuleFilterRouteType | Required Minimum items: 1 |
| prefix_operator | Prefix operator to apply on networks GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule. |
string | Required Enum: GE, EQ Default: "GE" |
AdvertisementRuleFilterRouteType (schema)
Route types to filter TIER1 LR advertised routes
Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.
| Name | Description | Type | Notes |
|---|---|---|---|
| AdvertisementRuleFilterRouteType | Route types to filter TIER1 LR advertised routes Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised. |
string | Enum: ANY, STATIC, T1_STATIC, NSX_CONNECTED, T1_CONNECTED, T1_NAT, T1_LB_VIP, T1_LB_SNAT, T1_DNSFORWARDER, T1_IPSEC_LOCAL_IP |
AgentInfo (schema)
Agent Information
Information on agent download link and install command.
| Name | Description | Type | Notes |
|---|---|---|---|
| agent_download_link | Link to Download Agent | string | |
| agent_install_command | Command to Install Agent | string | |
| agent_os_type | Agent OS Type | string |
AgentStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| name | Agent name | string | Enum: NSX_AGENT, NSX_OPSAGENT, NSX_CFGAGENT, NSX_NESTDB |
| status | Agent status | string | Enum: UP, DOWN, UNKNOWN |
AgentStatusCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| agents | NSX agents status List of agent statuses belonging to the transport node |
array of AgentStatus | |
| down_count | Down count | int | |
| status | Roll-up agent status | string | Enum: UP, DOWN, UNKNOWN |
| up_count | Up count | int |
AggregateDNSForwarderStatistics (schema)
Aggregate of DNS forwarder statistics
Aggregate of DNS forwarder statistics across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
| statistics_per_enforcement_point | List of DNS forwarder statistics per enforcement point List of DNS forwarder statistics per enforcement point. |
array of DNSForwarderStatisticsPerEnforcementPoint (Abstract type: pass one of the following concrete types) NsxTDNSForwarderStatistics |
Readonly |
AggregateDNSForwarderStatus (schema)
Aggregate of DNS forwarder status
Aggregate of DNS forwarder status across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
| status_per_enforcement_point | List of DNS forwarder status per enforcement point List of DNS forwarder status per enforcement point. |
array of DNSForwarderStatusPerEnforcementPoint (Abstract type: pass one of the following concrete types) NsxTDNSForwarderStatus |
Readonly |
AggregateIPSecVpnSessionStatistics (schema)
Aggregate of IPSec VPN Session Statistics
Aggregate of IPSec VPN Session Statistics across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of IPSec VPN Session Statistics per Enforcement Point List of IPSec VPN Session Statistics per Enforcement Point. |
array of IPSecVpnSessionStatisticsPerEP (Abstract type: pass one of the following concrete types) IPSecVpnSessionStatisticsNsxT |
Readonly |
AggregateIPSecVpnSessionStatus (schema)
Aggregate of IPSec VPN Session Status
Aggregate of IPSec VPN Session Status across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of IPSec VPN Session Status per Enforcement Point List of IPSec VPN Session Status per Enforcement Point. |
array of IPSecVpnSessionStatusPerEP (Abstract type: pass one of the following concrete types) IPSecVpnSessionStatusNsxT |
Readonly |
AggregateL2VPNSessionPeerConfig (schema)
Aggregate of L2VPN Session Peer Config
Aggregate of L2VPN Session peer config across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN Session Peer config per Enforcement Point List of L2VPN Session peer config per Enforcement Point. |
array of L2VPNSessionPeerConfigPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionPeerConfigNsxT |
Readonly |
AggregateL2VPNSessionStatistics (schema)
Aggregate of L2VPN Session Statistics
Aggregate of L2VPN Session Statistics across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN Session Statistics per Enforcement Point List of L2VPN Session Statistics per Enforcement Point. |
array of L2VPNSessionStatisticsPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionStatisticsNsxT |
Readonly |
AggregateL2VPNSessionStatus (schema)
Aggregate of L2VPN Session Status
Aggregate of L2VPN Session Status across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN Session Status per Enforcement Point List of L2VPN Session Status per Enforcement Point. |
array of L2VPNSessionStatusPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionStatusNsxT |
Readonly |
AggregateL2VpnSessionRemoteMac (schema)
Aggregate of L2Vpn Session Remote Mac
Aggregate of L2Vpn session remote mac across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| l2vpn_session_remote_macs | List of L2Vpn Session remote mac | array of L2VpnSessionRemoteMacPerEP (Abstract type: pass one of the following concrete types) L2VpnSessionRemoteMacNsxT |
Readonly |
AggregateLBNodeUsageSummary (schema)
Aggregate of LBNodeUsageSummary across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBNodeUsageSummary list results LBNodeUsageSummary list results. |
array of LBNodeUsageSummary | Readonly |
AggregateLBPoolStatistics (schema)
Paged Collection of LBPoolStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBPoolStatisticsPerEP list results LBPoolStatisticsPerEP list results. |
array of LBPoolStatisticsPerEP (Abstract type: pass one of the following concrete types) LBPoolStatistics |
Readonly |
AggregateLBPoolStatus (schema)
Paged Collection of LBPoolStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBPoolStatusPerEP list results LBPoolStatusPerEP list results. |
array of LBPoolStatusPerEP (Abstract type: pass one of the following concrete types) LBPoolStatus |
Readonly |
AggregateLBServiceStatistics (schema)
Paged Collection of LBServiceStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceStatisticsPerEP list results LBServiceStatisticsPerEP list results. |
array of LBServiceStatisticsPerEP (Abstract type: pass one of the following concrete types) LBServiceStatistics |
Readonly |
AggregateLBServiceStatus (schema)
Paged Collection of LBServiceStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceStatusPerEP list results LBServiceStatusPerEP list results. |
array of LBServiceStatusPerEP (Abstract type: pass one of the following concrete types) LBServiceStatus |
Readonly |
AggregateLBServiceUsage (schema)
Aggregate of LBServiceUsagePerEP across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceUsagePerEP list results LBServiceUsagePerEP list results. |
array of LBServiceUsagePerEP (Abstract type: pass one of the following concrete types) LBServiceUsage |
Readonly |
AggregateLBVirtualServerStatistics (schema)
Paged Collection of LBVirtualServerStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBVirtualServerStatisticsPerEP list results LBVirtualServerStatisticsPerEP list results. |
array of LBVirtualServerStatisticsPerEP (Abstract type: pass one of the following concrete types) LBVirtualServerStatistics |
Readonly |
AggregateLBVirtualServerStatus (schema)
Paged Collection of LBVirtualServerStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBVirtualServerStatusPerEP list results LBVirtualServerStatusPerEP list results. |
array of LBVirtualServerStatusPerEP (Abstract type: pass one of the following concrete types) LBVirtualServerStatus |
Readonly |
AggregatePolicyDnsAnswer (schema)
Aggregate of DNS forwarder nslookup answer
Aggregate of DNS forwarder nslookup answer across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| dns_answer_per_enforcement_point | List of DNS forwarder nslookup answer per enforcement point List of DNS forwarder nslookup answer per enforcement point. |
array of PolicyDnsAnswerPerEnforcementPoint | Readonly |
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
AggregatePolicyRuntimeInfo (schema)
Aggregate of PolicyRuntimeInfoPerEP
Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
AggregatedDataCounter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
AggregatedDataCounterEx (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dropped_by_security_packets | PacketsDroppedBySecurity | Readonly | |
| mac_learning | MacLearningCounters | Readonly | |
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
AggregatedLogicalRouterPortCounters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
| rx | LogicalRouterPortCounters | Readonly | |
| tx | LogicalRouterPortCounters | Readonly |
Alarm (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alarm_source | Source identifying entity that the Event instance applies to
If alarm_source_type = INTENT_PATH, this field will contain a list of intent paths for the entity that the event instance applies to. If alarm_source_type = ENTITY_ID, this field will contain a list with a single item identifying the entity id that the event instance applies to. |
array of string | Required Readonly |
| alarm_source_type | Alarm Source type of the Event Type of alarm source of the Event instance. Can be one of - INTENT_PATH, ENTITY_ID. |
AlarmSourceType | Required Readonly |
| description | Detailed description of Alarm Detailed description of Alarm. This is the same detailed description as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| entity_id | The UUID of the entity that the Event instance applies to The entity that the Event instance applies to. Note entity_id may not be included in a response body. For example, the cpu_high Event may not return an entity_id. |
string | Readonly |
| entity_resource_type | The type of entity that the Event instance applies to The entity type that the Event instance applies to. |
string | Readonly |
| event_type | Name of event Name of Event, e.g. manager_cpu_usage_high, certificate_expired. |
string | Required Readonly |
| event_type_display_name | Display name of event type Display name of Event type. |
string | Required Readonly |
| feature_display_name | Display name of feature Display name of feature defining this Event. |
string | Required Readonly |
| feature_name | Feature defining this event Feature defining this Event, e.g. manager_health, certificates. |
string | Required Readonly |
| id | ID that uniquely identifies an Alarm ID that uniquely identifies an Alarm. |
string | Required Readonly |
| last_reported_time | Last reported time of event instance Indicates when the corresponding Event instance was last reported in milliseconds since epoch. |
EpochMsTimestamp | Readonly |
| node_display_name | Display name of node Display name of node that the event instance applies to. |
string | Readonly |
| node_id | The UUID of the node that the Event instance applies to The UUID of the node that the Event instance applies to. |
string | Required Readonly |
| node_ip_addresses | IP addresses of node IP addresses of node that the event instance applies to. |
array of string | Readonly |
| node_resource_type | The resource type of node that the Event instance applies to The resource type of node that the Event instance applies to eg. ClusterNodeConfig, TransportNode. |
string | Readonly |
| recommended_action | Recommended action for Alarm Recommended action for Alarm. This is the same action as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| reoccurrences_while_suppressed | The number of reoccurrences since this alarm has been SUPPRESSED The number of reoccurrences since this alarm has been SUPPRESSED. |
integer | Readonly |
| resolved_by | User ID of the user that set the status value to RESOLVED User ID of the user that set the status value to RESOLVED. This value can be SYSTEM to indicate that the system resolved the Alarm, for example when the system determines CPU usage is no longer high and the cpu_high Alarm is no longer applicable. This property is only returned when the status value is RESOLVED. |
string | Readonly |
| resolved_time | Time when Alarm was resolved Indicates when the Alarm was resolved in milliseconds since epoch. This property is only returned when the status value is RESOLVED. |
EpochMsTimestamp | Readonly |
| resource_type | Must be set to the value Alarm | string | |
| runtime_data | Runtime data for Alarm Runtime data for Alarm. When an alarming condition occurs, there may be additional data of interest when triaging the underlying issue, for example, output from system commands captured at the time of the error. Note, the contents of this property are not localized. |
string | Readonly |
| severity | Severity of the Alarm Severity of the Alarm.Can be one of - CRITICAL, HIGH, MEDIUM, LOW. |
MonitoringSeverity | Required Readonly |
| status | Status of the Alarm Indicate the status which the Alarm is in. |
MonitoringStatus | Required |
| summary | Summary description of Alarm Summary description of Alarm. This is the same summary description as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| suppress_duration | Duration in hours for which an Alarm is SUPPRESSED The time period between suppress_start_time and suppress_start_time + suppress_duration (specified in hours) an Alarm is SUPPRESSED. This property is only returned when the status value is SUPPRESSED. |
integer | |
| suppress_start_time | Time when Alarm was suppressed Indicates when the Alarm was suppressed in milliseconds since epoch. This property is only returned when the status value is SUPPRESSED. |
EpochMsTimestamp | Readonly |
| suppressed_by | User ID of the user that set the status value to SUPPRESSED User ID of the user that set the status value to SUPPRESSED. This property is only returned when the status value is SUPPRESSED. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AlarmFilterParameter (schema)
Parameters to filter alarms
| Name | Description | Type | Notes |
|---|---|---|---|
| after | Filter to fetch alarms after the specified time Filter to fetch alarms after the specified time. |
EpochMsTimestamp | |
| before | Filter to fetch alarms before the specified time Filter to fetch alarms before the specified time. |
EpochMsTimestamp | |
| cursor | Cursor for pagination Opaque cursor to be used for getting next page of records (supplied by current result page). |
string | |
| event_type | Event Type Filter Specify one or more event types for which alarms should be filtered. |
string | |
| feature_name | Feature Name Specify one or more feature names for which alarms should be filtered. |
string | |
| id | Alarm ID Specify one or more alarm IDs for which alarms should be filtered. |
string | |
| intent_path | Intent Path for entity ID Specify one or more intent paths for which alarms should be filtered. |
string | |
| node_id | Node ID Specify one or more node IDs for which alarms should be filtered. |
string | |
| node_resource_type | Node Resource Type Specify one or more node resource types for which alarms should be filtered. |
string | |
| page_size | Page Size for pagination Maximum number of results to return in this page (server may return fewer). |
integer | |
| severity | Severity Specify one or more severity levels for which alarms should be filtered. Must be one of CRITICAL, HIGH, MEDIUM, LOW. |
string | |
| sort_ascending | Represents order of sorting the values If true, the value of the column are sorted in ascending order. Otherwise, in descending order. |
boolean | Default: "True" |
| sort_by | Key for sorting on this column Sorting on column is based on the sort_by. sort_by represents the field in the output data on which sort is requested. |
string | |
| status | Status Specify one or more status for which alarms should be filtered. Must be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED. |
string |
AlarmSourceType (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| AlarmSourceType | string | Enum: INTENT_PATH, ENTITY_ID |
AlarmStatusParameter (schema)
Parameters to update status of alarm
| Name | Description | Type | Notes |
|---|---|---|---|
| new_status | Status Specify new alarm status for the alarm. Can be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED. |
MonitoringStatus | Required |
| suppress_duration | Duration in hours for which Alarm should be suppressed Specify duration in hours for which Alarm should be suppressed.This value must be specified if the new_status is SUPPRESSED. |
integer |
AlarmsListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of alarms known to the system | array of Alarm | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AlbControllerClusterRuntimeError (schema)
Advanced Load Balancer controller cluster runtime error
Advanced Load Balancer controller cluster runtime error.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_code | Advanced Load Balancer cluster runtime error code Advanced Load Balancer cluster runtime error code. |
int | Readonly |
| error_message | Advanced Load Balancer cluster runtime error msg Advanced Load Balancer cluster runtime error msg. |
string | Readonly |
AlbControllerVsphereClusterNodeVmDeploymentConfig (schema)
Deployment config on the vSphere platform
The vSphere deployment configuration determines where to deploy the
Advanced Load Balancer controller node VM through a vCenter server. It contains settings that are
applied during install time.
If using DHCP, the following fields must be left unset -
management_port_subnets, and default_gateway_addresses
| Name | Description | Type | Notes |
|---|---|---|---|
| compute_id | Cluster identifier or resourcepool identifier The Advanced Load Balancer controller node VM will be deployed on the specified cluster or resourcepool for specified VC server. |
string | Required |
| default_gateway_addresses | Default gateway for the VM The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. |
array of IPAddress | Minimum items: 1 Maximum items: 1 |
| disk_provisioning | Disk provitioning type Specifies the disk provisioning type of the VM. |
DiskProvisioning | Default: "THIN" |
| display_name | Advanced Load Balancer controller VM display name Desired display name for Advanced Load Balancer controller VM to be deployed. |
string | |
| dns_servers | DNS servers. List of DNS servers. |
array of IPv4Address | |
| host_id | Host identifier The Advanced Load Balancer controller node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host. |
string | |
| hostname | Host name or FQDN for the VM Desired host name/FQDN for the VM to be deployed. |
string | Required Format: hostname-or-ip |
| management_network_id | Portgroup identifier for management network connectivity Distributed portgroup identifier to which the management vnic of Advanced Load Balancer controller node VM will be connected. |
string | Required |
| management_port_subnets | Port subnets for management port IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. |
array of IPSubnet | Minimum items: 1 Maximum items: 1 |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPv4Address | |
| placement_type | Must be set to the value AlbControllerVsphereClusterNodeVmDeploymentConfig | string | Required Enum: AlbControllerVsphereClusterNodeVmDeploymentConfig |
| storage_id | Storage/datastore identifier The Advanced Load Balancer controller node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host. |
string | Required |
| storage_policy_id | Storage policy uuid The cluster node VM will be deployed with the specified storage policy on the specified datastore in the specified VC server. User must ensure that the storage policy is applicable on the given datastore. |
string | |
| vc_id | vSphere compute identifier for identifying VC server The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server. |
string | Required |
AllAccountsStateInfo (schema)
State Information Of All Accounts
State Information of all accounts like synchronization in progress count.
| Name | Description | Type | Notes |
|---|---|---|---|
| sync_in_progress | Sync In Progress Count Number of cloud accounts for which inventory synchronization is in progress. |
integer | Readonly |
AllAccountsStatistics (schema)
All Accounts Statistics
Stores statistics of all accounts managed by CSM.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| accounts_count | Accounts Count Count of the all accounts managed by CSM. |
integer | Readonly |
| accounts_status | Status Of All Accounts Status of all accounts like synchronization in progress count. |
AllAccountsStateInfo | Readonly |
| instance_stats | Instance Statistics Instance statistics accross all accounts managed by CSM. |
InstanceStats | Readonly |
| resource_type | Resource Type Optional identifier for listing all accounts statistics of a particular cloud provider. Legal values are AwsAccount or AzureAccount. |
string | Enum: AwsAccount, AzureAccount |
AllAccountsStatisticsListResult (schema)
All Accounts Statistics List Result
Stores statistics for all accounts managed by CSM.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results | array of AllAccountsStatistics | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AllAccountsStatisticsRequestParameters (schema)
All Accounts Statistics Request Parameters
A set of optional filter paramters to list all accounts statistics.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_type | Cloud Type Optional identifier for cloud provider based on which all accounts statistics are to be filtered. |
string | Enum: AWS, AZURE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_type | Resource Type Optional identifier for listing all accounts statistics of a particular cloud provider. Legal values are AwsAccount or AzureAccount. |
string | Enum: AwsAccount, AzureAccount |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AllClusterGroupStatus (schema)
Status of all the cluster groups
A list of the statuses of all the groups in the cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | UUID of the cluster | string | Readonly |
| groups | Array of groups and their statuses | array of ClusterGroupStatus | Readonly |
| overall_status | Overall status of the cluster | string | Readonly Enum: STABLE, DEGRADED, UNAVAILABLE |
AllocatedService (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocation_details | Key-Value map of additional specific properties of services Additional properties of a service, say the sub_pool_size and sub_pool_type for a LoadBalancer. |
array of KeyValuePair | |
| high_availability_status | HA Status of the service context node Represents the active or the standby state of the service. |
string | Readonly Enum: ACTIVE, STANDBY, DOWN, SYNC, UNKNOWN |
| service_reference | Id and Name of the service context configured on edge node. | ResourceReference | Required Readonly |
AllocationAction (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Specifies allocate or release action | string | Required Enum: ALLOCATE, RELEASE |
AllocationBasedOnFailureDomain (schema)
Placement based on failure domain of edge node
Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge
nodes (active and standby) from different failure domains.
| Name | Description | Type | Notes |
|---|---|---|---|
| action_type | Must be set to the value AllocationBasedOnFailureDomain | AllocationRuleActionType | Required |
| enabled | Flag to enable failure domain based allocation Enable placement algorithm to consider failure domain of edge transport nodes and place active and standby contexts in different failure domains. |
boolean | Default: "False" |
AllocationIpAddress (schema)
Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allocation_id | Address that is allocated from pool | IPAddress | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AllocationIpAddress | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AllocationIpAddressListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Pool allocation list results | array of AllocationIpAddress | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AllocationPool (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_service_count | Number of active services on edge node Represents the number of acitve services running on the edge node. |
int | Readonly |
| standby_service_count | Number of standby services on edge node Represents the number of standby services running on the edge node. |
int | Readonly |
| sub_pools | Edge node sub-pool allocation details Allocation details of sub-pools configured on edge node. |
array of SubPool |
AllocationPoolType (schema)
Types of logical router allocation pool based on services
| Name | Description | Type | Notes |
|---|---|---|---|
| AllocationPoolType | Types of logical router allocation pool based on services | string | Enum: LoadBalancerAllocationPool |
AllocationRule (schema)
Allocation rule on edge cluster
Allocation rule on edge cluster which will be considered in auto placement
of TIER1 logical routers, DHCP and MDProxy.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action for allocation rule Set action for each allocation rule |
AllocationRuleAction (Abstract type: pass one of the following concrete types) AllocationBasedOnFailureDomain |
Required |
AllocationRuleAction (schema)
Set action for allocation rule
Define action for each allocation rule which added on edge cluster.
This is an abstract type. Concrete child types:
AllocationBasedOnFailureDomain
| Name | Description | Type | Notes |
|---|---|---|---|
| action_type | Type of action for allocation rule Set action for each allocation rule on edge cluster which will help in auto placement. |
AllocationRuleActionType | Required |
AllocationRuleActionType (schema)
Type of action for allocation rule
Set action for each allocation rule on edge cluster which will help in auto
placement.
| Name | Description | Type | Notes |
|---|---|---|---|
| AllocationRuleActionType | Type of action for allocation rule Set action for each allocation rule on edge cluster which will help in auto placement. |
string | Enum: AllocationBasedOnFailureDomain |
AntreaAdapterStatus (schema)
Antrea adapter status
| Name | Description | Type | Notes |
|---|---|---|---|
| conditions | Adapter conditions Collection of adapter conditions. |
array of ComponentConditionItem | Readonly |
| status | Antrea adapter status Indicate overall healthy status. |
ComponentStatus | Readonly |
AntreaAgentsInfo (schema)
Antrea agents information
| Name | Description | Type | Notes |
|---|---|---|---|
| degraded_agent_num | The number of degraded agents | int | Readonly |
| failed_agent_num | The number of failed agents | int | Readonly |
| healthy_agent_num | The number of healthy agents | int | Readonly |
AntreaClusterInfo (schema)
Antrea cluster info
Antrea cluster status info.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_info | Antrea agent info | AntreaAgentsInfo | Readonly |
| ccp_adapter_status | Antrea CCP adapter status Including component status and CCP_ADAPTER_ prefix conditions status. |
AntreaAdapterStatus | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| controller_status | Antrea Controller status Including component status, connected agent and CONTROLLER_ prefix conditions status. |
AntreaControllerStatus | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| mp_adapter_status | Antrea MP adapter status Including component status and MP_ADAPTER_ prefix conditions status. |
AntreaAdapterStatus | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value AntreaClusterInfo | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaClusterListRequestParameters (schema)
Antrea cluster list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AntreaClusterListResult (schema)
Antrea Cluster list
Paged list of Antrea Cluster list.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Antrea cluster list results | array of AntreaClusterInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaContainerClusterNode (schema)
Antrea container cluster and its nodes requiring a support bundle
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | The UUID of the container cluster | string | Required |
| nodes | List of at most 200 container node UUIDs requiring a support bundle | array of string | Minimum items: 1 |
AntreaControllerStatus (schema)
Antrea Controller status
Antrea Controller status, including component status, connected agent and CONTROLLER_ prefix conditions status.
| Name | Description | Type | Notes |
|---|---|---|---|
| conditions | Controller conditions Collection of controller related conditions. |
array of ComponentConditionItem | Readonly |
| connected_agent_num | The number of connected agents If status is UNKNOWN, this number is meaningless. |
int | Readonly |
| status | Antrea Controller status Indicate overall healthy status. |
ComponentStatus | Readonly |
AntreaHeartbeatConfig (schema)
Antrea heartbeat configuration
Antrea heartbeat configuration for interval time.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| report_interval | Report interval for Antrea heartbeat with NSX in seconds If exceeding 3*report_interval, there is still no heartbeat, cluster status will be UNKNOWN. |
int | Required Minimum: 60 Maximum: 600 Default: "60" |
| resource_type | Must be set to the value AntreaHeartbeatConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaHeartbeatConfigListResult (schema)
Antrea Cluster heartbeat config list
Paged list of Antrea Cluster heartbeat config.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Antrea cluster heartbeat config list List of Antrea cluster heartbeat config. |
array of AntreaHeartbeatConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaSupportBundleContainerNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| clusters | List of AntreaContainerClusterNodes identifying container clusters and their nodes | array of AntreaContainerClusterNode | Minimum items: 1 |
| container_type | Must be set to the value AntreaSupportBundleContainerNode | string | Required Enum: ANTREA |
AntreaTraceflowConfig (schema)
Antrea traceflow configuration
The configuration for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| container_cluster_id | Container cluster ID Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_external_id | Destination external id Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data. |
string | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_transient | Marker to indicate if intent is transient This field indicates if intent is transient and will be cleaned up by the system if set to true. |
boolean | Default: "True" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| packet | Packet configuration Configuration of packet data. |
AntreaTraceflowPacketData | |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value AntreaTraceflowConfig | string | |
| source_external_id | Source external id Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id. |
string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaTraceflowConfigListResult (schema)
Paged Collection of AntreaTraceflowConfigs
Paged Collection for AntreaTraceflowConfigs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AntreaTraceflowConfig list results | array of AntreaTraceflowConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaTraceflowIcmpEchoRequestHeader (schema)
IcmpEchoHeader for Antrea traceflow
IcmpEchoRequest header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| id | IcmpEchoRequest id Id of IcmpEchoRequest. |
integer | |
| sequence | Icmp sequence Sequence number of IcmpEchoRequest. |
integer |
AntreaTraceflowIpHeader (schema)
IpHeader for Antrea traceflow
Ip header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstIp | Destination ip Destination ip address in IpHeader. |
string | |
| flags | Flags Protocol setting in IpHeader. |
integer | |
| protocol | Protocol Protocol setting in IpHeader. |
integer | |
| srcIp | Source ip Source ip address in IpHeader. |
string | |
| ttl | Time to live TTL value in IpHeader. Default is 64. |
integer |
AntreaTraceflowIpv6Header (schema)
Ipv6Header for Antrea traceflow
Ipv6 header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstIp | Destination ip Destination ip address in Ipv6Header. |
string | |
| hopLimit | Hop limit Hop limit setting in Ipv6Header. |
integer | |
| nextHeader | Next header Next header setting in Ipv6Header. |
integer | |
| srcIp | Source ip Source ip address in Ipv6Header. |
string |
AntreaTraceflowObservation (schema)
Observation for Antrea traceflow
Observation result for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | The component type The type of component. |
string | Readonly Enum: UNKNOWN, ANTREA_SPOOFGUARD, ANTREA_LB, ANTREA_ROUTING, ANTREA_DFW, ANTREA_FORWARDING |
| container_node_id | Container node UID UID of the container node that observed a traceflow packet. |
string | Readonly |
| observation_type | The observation type The type of observation. AntreaTraceflowObservationDelivered: The packet was delivered to destination Pod properly AntreaTraceflowObservationReceived: The packet was received from another ContainerNode AntreaTraceflowObservationForwarded: The packet was forwarded to next logical node or ContainerNode AntreaTraceflowObservationDropped: The packet was dropped |
string | Required Enum: AntreaTraceflowObservationDelivered, AntreaTraceflowObservationReceived, AntreaTraceflowObservationForwarded, AntreaTraceflowObservationDropped |
| timestamp | Timestamp Timestamp when the observation was collect by Antrea controller. |
integer | Readonly |
AntreaTraceflowObservationListResult (schema)
List object for AnteaTraceflowObservation
List collection for AnteaTraceflowObservation, used in batch API.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AntreaTraceflowObservation list results | array of AntreaTraceflowObservation | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaTraceflowPacketData (schema)
Packet data for Antrea traceflow
Packet data stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| frameSize | Packet frame size This property is used to set packet data size. |
integer | |
| ipHeader | Ipv4 header configuration This property is used to set ipv4 header data. |
AntreaTraceflowIpHeader | |
| ipv6Header | Ipv6 header configuration This property is used to set ipv6 header data. |
AntreaTraceflowIpv6Header | |
| payload | Packet payload This property is used to set payload data. |
string | |
| resourceType | Packet resource type This property is used to set resource type. |
string | Enum: FIELDS_PACKET_DATA, BINARY_PACKET_DATA |
| transportHeader | Transport header configuration This property is used to set transport header data. |
AntreaTraceflowTransportHeader | |
| transportType | Transport type This property is used to set transport type. |
string | Enum: UNICAST, MULTICAST, BROADCAST, UNKNOWN |
AntreaTraceflowStatus (schema)
Status for Antrea traceflow
The status value of one Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| phase | Phase The execution phase of one traceflow. |
string | Enum: SUCCEEDED, FAILED |
| reason | Reason The reason for the failure. |
string |
AntreaTraceflowTcpHeader (schema)
TcpHeader for Antrea traceflow
Tcp header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstPort | Destination port Destination port number in TcpHeader. |
integer | |
| srcPort | Source port Source port number in TcpHeader. |
integer | |
| tcpFlags | Tcp flags Tcp flags in TcpHeader. SYN flag must be set for traceflow. |
integer |
AntreaTraceflowTransportHeader (schema)
TransportHeader for Antrea traceflow
Transport header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| icmpEchoRequestHeader | IcmpEchoRequestHeader for Antrea traceflow IcmpEchoRequest header stuffs for Antrea traceflow. |
AntreaTraceflowIcmpEchoRequestHeader | |
| tcpHeader | TcpHeader for Antrea traceflow Tcp header stuffs for Antrea traceflow. |
AntreaTraceflowTcpHeader | |
| udpHeader | UdpHeader for Antrea traceflow Udp header stuffs for Antrea traceflow. |
AntreaTraceflowUdpHeader |
AntreaTraceflowUdpHeader (schema)
UdpHeader for Antrea traceflow
Udp header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstPort | Destination port Destination port number in UdpHeader. |
integer | |
| srcPort | Source port Source port number in UdpHeader. |
integer |
AphInfo (schema)
Apliance proxy hub information
APH information.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | IP address of APH service | string | Required |
| certificate | PEM Certificate of APH service | string | Required |
| fqdn | FQDN, only returned by GET /sites and GET /sites/self | string | |
| node_id | Node ID of the APH service | string | Required |
| port | Port of APH service | integer | Required |
| use_fqdn | whether or not fqdn flag is on | boolean | |
| uuid | ID of the APH service | string | Required |
ApiError (schema)
Detailed information about an API Error
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Further details about the error | string | |
| error_code | A numeric error code | integer | |
| error_data | Additional data about the error | object | |
| error_message | A description of the error | string | |
| module_name | The module name where the error occurred | string | |
| related_errors | Other errors related to this error | array of RelatedApiError |
ApiRequestBody (schema)
API Request Body
API Request Body is an Event Source that represents an API request body that
is being reveived as part of an API. Supported Request Bodies are those received
as part of a PATCH/PUT/POST request.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_pointer | Resource Pointer Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default" as a source means that ANY resource starting with Lb or ANY resource with "/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source of the event in question. |
string | Required |
| resource_type | Must be set to the value ApiRequestBody | string | Required Enum: ResourceOperation, ApiRequestBody |
ApiServiceConfig (schema)
Configuration of the API service
Properties that affect the configuration of the NSX API service.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| basic_authentication_enabled | Enable or disable basic authentication Identifies whether basic authentication is enabled or disabled in API calls. |
boolean | Default: "True" |
| cipher_suites | Cipher suites used to secure contents of connection The TLS cipher suites that the API service will negotiate. |
array of CipherSuite | Minimum items: 1 |
| client_api_concurrency_limit | Client API rate limit in calls The maximum number of concurrent API requests that will be serviced for a given authenticated client. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0. |
integer | Minimum: 0 Default: "40" |
| client_api_rate_limit | Client API rate limit in calls per second The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0. |
integer | Minimum: 0 Default: "100" |
| connection_timeout | NSX connection timeout NSX connection timeout, in seconds. To disable timeout, set to 0. |
integer | Minimum: 0 Maximum: 2147483647 Default: "30" |
| cookie_based_authentication_enabled | Enable or disable cookie-based authentication Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create. |
boolean | Default: "True" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| global_api_concurrency_limit | Global API rate limit in calls The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0. |
integer | Minimum: 0 Default: "199" |
| id | Unique identifier of this resource | string | Sortable |
| lockout_immune_addresses | IP addresses which are not subject to lockout on failed login attempts The list of IP addresses which are not subjected to a lockout on failed login attempts. |
array of IPAddress | |
| protocol_versions | TLS protocol versions The TLS protocol versions that the API service will negotiate. |
array of ProtocolVersion | Minimum items: 1 |
| redirect_host | Hostname/IP to use in redirect headers Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (""). |
HostnameOrIPv4AddressOrEmptyString | Default: "" |
| resource_type | Must be set to the value ApiServiceConfig | string | |
| session_timeout | NSX session inactivity timeout | integer | Minimum: 0 Maximum: 2147483647 Default: "1800" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ApplianceLatencyData (schema)
Display the latency data by given appliance node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| id | Appliance id Display the Appliance id. |
string | |
| latency_data | Latency Data List Latency Data list. |
array of ApplianceLatencyDataItem | |
| name | Appliance name Display the appliance name. |
string | |
| timestamp | Timestamp of last modification Timestamp of last modification. |
EpochMsTimestamp |
ApplianceLatencyDataItem (schema)
Appliance Latency data
Describes appliance latency data in detail.
| Name | Description | Type | Notes |
|---|---|---|---|
| destination_node_id | Node id Display the appliance node id. |
string | |
| destination_node_ip | Node name Display the appliance node ip. |
string | |
| destination_node_name | Node name Display the appliance node name. |
string | |
| packet_loss_percent | Display the percentage of lost packet Display the percentage of lost packet. |
string | |
| packet_received | Display the received packets Display the received packets. |
integer | |
| packet_transmitted | Display the transmitted packets Display the transmitted packets in Ping |
integer | |
| rtt_avg | Display the average rtt of latency value Display the average Round Trip Time in milliseconds. |
number | |
| rtt_max | Display the max rtt of latency value Display the max Round Trip Time in milliseconds. |
number | |
| rtt_mdev | Display the mean rtt of latency value Display the mean Round Trip Time in milliseconds. |
number | |
| rtt_min | Display the min rtt of latency value Display the min Round Trip Time in milliseconds. |
number | |
| source_node_ip | Node name Display the appliance node ip. |
string | |
| status | Display the connection status Display the connection status between source node and destination node. |
string | Enum: UP, DOWN |
| total_time | Display the total time in milliseconds Display the total time of sending and receiving packets in milliseconds. |
integer |
ApplianceLatencyListResult (schema)
List of process data
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Total appliance latency count | integer | Required |
| results | Appliance Process List Display the appliance latency data list. |
array of ApplianceLatencyData | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplianceManagementSuppressRedirectQueryParameter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| suppress_redirect | Suppress redirect status if applicable Do not return a redirect HTTP status. |
boolean | Default: "False" |
ApplianceManagementTaskListResult (schema)
Appliance management task query results
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Task property results | array of ApplianceManagementTaskProperties | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplianceManagementTaskProperties (schema)
Appliance management task properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| async_response_available | True if response for asynchronous request is available | boolean | Readonly |
| cancelable | True if this task can be canceled | boolean | Readonly |
| description | Description of the task | string | Readonly |
| details | Details about the task if known | object | Readonly |
| end_time | The end time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| id | Identifier for this task | string | Readonly Pattern: "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$" |
| message | A message describing the disposition of the task | string | Readonly |
| progress | Task progress if known, from 0 to 100 | integer | Readonly Minimum: 0 Maximum: 100 |
| request_method | HTTP request method | string | Readonly |
| request_uri | URI of the method invocation that spawned this task | string | Readonly |
| start_time | The start time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| status | Current status of the task | ApplianceManagementTaskStatus | Readonly |
| user | Name of the user who created this task | string | Readonly |
ApplianceManagementTaskQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| request_method | Request method(s) to include in query result Comma-separated request methods to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| request_path | Request URI path(s) to include in query result Comma-separated request paths to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| request_uri | Request URI(s) to include in query result Comma-separated request URIs to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| status | Status(es) to include in query result Comma-separated status values to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| user | Names of users to include in query result Comma-separated user names to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
ApplianceManagementTaskStatus (schema)
Current status of the appliance management task
| Name | Description | Type | Notes |
|---|---|---|---|
| ApplianceManagementTaskStatus | Current status of the appliance management task | string | Enum: running, error, success, canceling, canceled, killed |
ApplianceProcessData (schema)
List of process data in given appliance node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| id | Appliance id Display the Appliance id. |
string | |
| name | Appliance name Display the appliance name. |
string | |
| timestamp | Timestamp of last modification Timestamp of last modification. |
EpochMsTimestamp | |
| top_process_by_cpu_count | Process count Display the total count of process. |
integer | |
| top_process_by_cpu_list | Top process list by CPU Display the top process list by CPU. |
array of ProcessInformation | |
| top_process_by_mem_count | Process count Display the total count of process. |
integer | |
| top_process_by_mem_list | Top process list by memory Display the top process list by memory. |
array of ProcessInformation |
ApplianceProcessListResult (schema)
List of process data
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Appliance Process List Display the appliance process list. |
array of ApplianceProcessData | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplicationConnectivityStrategy (schema)
Application specific connectivity strategy
Allows more granular policies for application workloads
| Name | Description | Type | Notes |
|---|---|---|---|
| application_connectivity_strategy | Application connectivity strategy App connectivity strategies |
string | Required Enum: ALLOW_INTRA, ALLOW_EGRESS, ALLOW_INGRESS, DROP_INGRESS, DROP_EGRESS |
| default_application_rule_id | Default rule ID associated with the application_connectivity_strategy Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule. |
integer | Readonly |
| logging_enabled | Enable logging flag Flag to enable packet logging. Default is disabled. |
boolean | Default: "False" |
ApplicationProfileType (schema)
application profile type
An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LbFastTCPProfile,
LbFastUDPProfile and LbHttpProfile.
LbFastTCPProfile or LbFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LbHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LbHttpProfile is intended to
simplify enabling certain common use cases.
LbHttpProfile is deprecated as NSX-T Load Balancer is deprecated.
| Name | Description | Type | Notes |
|---|---|---|---|
| ApplicationProfileType | application profile type An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile. LbFastTCPProfile or LbFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LbHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LbHttpProfile is intended to simplify enabling certain common use cases. LbHttpProfile is deprecated as NSX-T Load Balancer is deprecated. |
string | Enum: LbHttpProfile, LbFastTcpProfile, LbFastUdpProfile |
AppliedTos (schema)
Entities Applied to Profile
Entity lists where the profile will be enabled on.
| Name | Description | Type | Notes |
|---|---|---|---|
| logical_ports | Logical Port List | array of ResourceReference | |
| logical_switches | Logical Switch List | array of ResourceReference | |
| nsgroups | NSGroup List | array of ResourceReference |
ApplyCertificateParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| node_id | Node Id Optional node-id to which to apply the certificate. The cluster_certificate field of the matching Certificate Profile must be false, as those get applied to all nodes. |
string | Maximum length: 255 |
| service_type | Service Type Service Type of the CertificateProfile to apply the certificate to. |
ServiceType | Required |
ArpHeader (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dst_ip | The destination IP address | IPv4Address | Required |
| op_code | Arp message type This field specifies the nature of the Arp message being sent. |
string | Required Enum: ARP_REQUEST, ARP_REPLY Default: "ARP_REQUEST" |
| src_ip | The source IP address This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0. |
IPv4Address |
ArpSnoopingConfig (schema)
ARP Snooping Configuration
Contains ARP snooping related configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| arp_binding_limit | Maximum number of ARP bindings Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. |
int | Minimum: 1 Maximum: 256 Default: "1" |
| arp_snooping_enabled | Is ARP snooping enabled or not Indicates whether ARP snooping is enabled |
boolean | Default: "True" |
ArpTableRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_path | Policy path of edge node Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface. |
string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| host_transport_node_path | Policy path of host transport node Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AssignedByDhcp (schema) (Deprecated)
DHCP based IP assignment.
This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value AssignedByDhcp | string | Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec |
AssociationListRequestParameters (schema)
Association list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| associated_resource_type | Type of the associated resources | AssociationTargetType | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| fetch_ancestors | Fetch complete list of associated resources considering
containment and nesting
If set to true, will fetch direct as well as indirect(considering containment as well as nesting) associated objects for the given source Id. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_id | The resource for which associated resources are to be fetched | string | Required |
| resource_type | Type of the resource for which associated resources are to be fetched | AssociationSourceType | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AssociationListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of ResourceReference | array of ResourceReference | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AssociationSourceType (schema)
Resource type valid for use as source in association API
| Name | Description | Type | Notes |
|---|---|---|---|
| AssociationSourceType | Resource type valid for use as source in association API | string | Enum: NSGroup, IPSet, MACSet, LogicalSwitch, LogicalPort, VirtualMachine, DirectoryGroup, VirtualNetworkInterface, TransportNode, IPAddress, CloudNativeServiceInstance, PhysicalServer |
AssociationTargetType (schema)
Resource type valid for use as target in association API
| Name | Description | Type | Notes |
|---|---|---|---|
| AssociationTargetType | Resource type valid for use as target in association API | string | Enum: NSGroup |
AttachedInterface (schema) (Deprecated)
Attached interface specification for Bare metal server
The Attached interface is only effective for the port on Bare metal server.
| Name | Description | Type | Notes |
|---|---|---|---|
| app_intf_name | The name of application interface | string | Required |
| default_gateway | Gateway IP | IPAddress | |
| migrate_intf | Interface name to migrate IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP. |
string | |
| routing_table | Routing rules | array of string |
AttachedInterfaceEntry (schema)
Attached interface information for Bare metal server
The Attached interface is only effective for the segment port on Bare metal server.
| Name | Description | Type | Notes |
|---|---|---|---|
| app_intf_name | The name of application interface | string | Required |
| default_gateway | Gateway IP | IPAddress | |
| migrate_intf | Interface name to migrate IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP. |
string | |
| routing_table | Routing rules | array of string |
AttachmentContext (schema) (Deprecated)
This is an abstract type. Concrete child types:
L2VpnAttachmentContext
VifAttachmentContext
| Name | Description | Type | Notes |
|---|---|---|---|
| allocate_addresses | A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch. | string | Enum: IpPool, MacPool, Both, None, Dhcp |
| resource_type | Used to identify which concrete class it is | string | Required |
AttachmentType (schema) (Deprecated)
Type of attachment for logical port.
| Name | Description | Type | Notes |
|---|---|---|---|
| AttachmentType | Type of attachment for logical port. | string | Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, L2FORWARDER |
AttachmentTypeQueryString (schema) (Deprecated)
Type of attachment for logical port; for query only.
| Name | Description | Type | Notes |
|---|---|---|---|
| AttachmentTypeQueryString | Type of attachment for logical port; for query only. | string | Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, NONE |
Attribute (schema)
Attributes
Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.
| Name | Description | Type | Notes |
|---|---|---|---|
| attribute_type | Attributetype. Attribute Type can be of any of the allowed enum type. |
string | Enum: IP_ADDRESS, PORT, PASSWORD, STRING, LONG, BOOLEAN |
| display_name | Display name Attribute display name string value. |
string | |
| key | key Attribute key string value. |
string | Required |
| read_only | read only Read only Attribute cannot be overdidden by service instance/deployment. |
boolean | Default: "False" |
| value | value Attribute value string value. |
string |
AttributeVal (schema)
Attribute values of realized type
Contains type specific properties of generic realized entity
| Name | Description | Type | Notes |
|---|---|---|---|
| data_type | Datatype of property represented by this attribute Datatype of the property |
string | Required Readonly Enum: STRING, DATE, INTEGER, BOOLEAN |
| key | Key for the attribute value Attribute key |
string | |
| multivalue | multivalue flag If attribute has a single value or collection of values |
boolean | Readonly |
| values | List of values for the attribute List of attribute values |
array of string | Readonly |
AuditLog (schema)
Audit log in RFC5424 format
| Name | Description | Type | Notes |
|---|---|---|---|
| appname | Application name field of the log | string | Required |
| facility | Facility field of the log | integer | Required |
| full_log | Full log with both header and message | string | Required |
| hostname | Hostname field of the log | string | Required |
| message | Message field of the log | string | Required |
| msgid | Message ID field of the log | string | Required |
| priority | Priority field of the log | integer | Required |
| procid | Process ID field of the log | integer | Required |
| struct_data | Structured data field of the log | StructuredData | Required |
| timestamp | Date and time in UTC of the log | string | Required |
AuditLogListResult (schema)
Audit log collection results
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| last_full_sync_timestamp | Timestamp of the last full audit log collection | string | Required |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Audit log results | array of AuditLog | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AuditLogQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) A log cursor points to a specific line number in the master audit log |
integer | |
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) The page size determines the number of logs to be returned |
integer | Minimum: 0 Maximum: 100 Default: "100" |
AuditLogRequest (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| log_age_limit | Include logs with timstamps not past the age limit in days | integer | Minimum: 0 |
| log_filter | Audit logs should meet the filter condition | string | |
| log_filter_type | Type of log filter | string | Enum: TEXT, REGEX Default: "TEXT" |
AuthenticationPolicyProperties (schema)
Configuration of authentication policies for the NSX node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| api_failed_auth_lockout_period | Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Default: "900" |
| api_failed_auth_reset_period | Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Default: "900" |
| api_max_auth_failures | Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Default: "5" |
| cli_failed_auth_lockout_period | Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified. |
integer | Minimum: 0 Default: "900" |
| cli_max_auth_failures | Number of authentication failures that trigger CLI lockout | integer | Minimum: 0 Default: "5" |
| minimum_password_length | Minimum number of characters required in account passwords | integer | Minimum: 8 Default: "8" |
AuthenticationScheme (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| scheme_name | Authentication scheme name | string | Required |
AutoRds (schema)
Auto assigned Route Distinguishers
This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations.
| Name | Description | Type | Notes |
|---|---|---|---|
| l2_auto_rds | List of layer 2 Auto assigned Route Distinguisher | array of L2AutoRD | |
| l3_auto_rd | Layer 3 Auto assigned Route Distinguisher This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway. |
string |
AutomaticHealthCheck (schema)
Automatic Health Check
Health check performed by system automatically on a specific transport zone.
For overlay based zone, health check is performed on corresponding N-VDS of
each transport node with the VLAN and MTU specified by uplink profile of
N-VDS for the node.
For VLAN based zone, health check is performed on corresponding N-VDS of each
transport node with MTU specified by uplink profile of N-VDS for the node
and VLAN specified by all logical switches in this zone.
| Name | Description | Type | Notes |
|---|---|---|---|
| result | HealthCheckResult | Readonly | |
| transport_zone_id | Transport Zone ID ID of the transport zone where this automatic health check is performed. |
string | Readonly |
AutomaticHealthCheckListResult (schema)
List of Automatic Health Checks
Automatic health check list result for query with list parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Automatic Health Check List | array of AutomaticHealthCheck | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AutomaticHealthCheckToggle (schema)
Automatic Health Check Toggle
Toggle to enable/disable automatic health check.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Status of automatic health check | boolean | Required Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AutomaticHealthCheckToggle | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AviConnectionInfo (schema)
Avi Connection Info
Credential info to connect to a AVI type of enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud | Cloud Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity. |
string | Deprecated |
| enforcement_point_address | Enforcement Point Address Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be "10.192.1.1" - On an NSX-T MP running on custom port, the value could be "192.168.1.1:32789" - On an NSX-T MP in VMC deployments, the value could be "192.168.1.1:5480/nsxapi" |
string | Required |
| expires_at | Expiry time of the token Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. |
string | |
| managed_by | Managed by used when on-borading workflow created by LCM/VCF. Managed by used when on-borading workflow created by LCM/VCF. |
string | |
| password | Password or Token for Avi Controller Password or Token for Avi Controller. |
string | Required |
| resource_type | Must be set to the value AviConnectionInfo | string | Required Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo, AviConnectionInfo |
| tenant | Tenant A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant |
string | Required |
| thumbprint | Thumbprint of Enforcement Point Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. |
string | |
| username | Username Username. |
string | Required |
| version | Version Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs |
string | Deprecated |
AviEndPoint (schema)
AVI LB endpoint details
Details about the AVI LB endpoint
| Name | Description | Type | Notes |
|---|---|---|---|
| avi_endpoint_ip | IP address of the AVI LB endpoint IP address of the AVI LB endpoint. |
string | Required Format: hostname-or-ip |
| avi_endpoint_password | Password for AVI LB endpoint Password for AVI LB endpoint. |
string | Required |
| avi_endpoint_port | AVI LB endpoint port AVI LB endpoint port. |
int | Default: "443" |
| avi_endpoint_username | Username for AVI LB endpoint Username for AVI LB endpoint. |
string | Required |
AwsAccount (schema)
AWS account
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auth_method | AWS account authorization method This property conveys the authorization method to use. Appropriate credentials/parameters will be expected based on this method selection. |
string | Readonly Enum: CREDENTIALS |
| auth_users | Authrized Users List of authorized users. |
array of CloudUserInfo | Readonly |
| cloud_type | Cloud Type | string | Required Enum: AWS, AZURE, GOOGLE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| credentials | AWS Credentials Credentials of AWS Account. |
AwsCredentials | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance statistics Stores statistics of the number of managed, unmanaged and error virtual machines. |
InstanceStats | Readonly |
| last_inventory_sync_date | Last inventory sync date Time when last inventory syncing completed. |
integer | Readonly |
| regions_config | List of regions configuration for the cloud account Configured list of regions to be used for the cloud account. |
RegionListConfig | |
| regions_count | AWS Regions Count Count of the AWS regions which have atleast one VPC created. |
integer | Readonly |
| resource_type | Must be set to the value AwsAccount | string | |
| status | Status of the account | AwsAccountStatus | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tenant_id | Tenant ID Tenant ID of the cloud account. |
string | Readonly |
| vpc_stats | VPC statistics | VpcStats | Readonly |
AwsAccountStatus (schema)
AWS account status
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| credentials_status | Credentials Status Status of the cloud account credentials synced at the auto interval. |
string | Readonly Enum: VALID, INVALID |
| error_message | Error encountered while syncing AWS inventory Error encountered while syncing AWS inventory such as read timeout. |
string | Readonly |
| inventory_sync_status | Inventory Synchronization Status Status of inventory synchronization process. |
string | Readonly Enum: SYNCED, IN_PROGRESS |
| inventory_sync_step | Inventory sync step Step of the inventory synchronization process |
string | Readonly Enum: SYNCING_AWS_REGIONS, SYNCING_AWS_VPCS, SYNCING_AWS_AZS, SYNCING_VMS, SYNCING_NSX_DATA, SYNCING_AWS_GATEWAYS, SYNCING_MANAGED_INSTANCES, NOT_APPLICABLE |
AwsAccountsListRequestParameters (schema)
AWS account filter parameters
These parameters will be used to filter the list of accounts.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_type | AWS Cloud Type | string | Enum: AWS, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which accounts statistics will be aggregated. Using this request parameter will return only all_accounts_vpc_stats and all_accounts_instance_stats properties. | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AwsAccountsListResult (schema)
Cloud accounts list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| all_accounts_instance_stats | Instance statistics This field is DEPRECATED. To obtain statistics about instances, use the GET /csm/accounts/statistics API. |
InstanceStats | Deprecated Readonly |
| all_accounts_vpc_stats | VPC statistics This field is DEPRECATED. To obtain statistics about VPCs, use the GET /csm/accounts/statistics API. |
VpcStats | Deprecated Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AWS accounts list result | array of AwsAccount | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsAvailabilityZoneInfo (schema)
Availability Zone information
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Display name of the availability zone | string | Readonly |
| id | ID of the availability zone | string | Readonly |
AwsComputeVpcConfig (schema)
AWS Compute VPC Configuration
Stores the parameters required for linking compute VPC
with a transit VPC
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| account_id | AWS Account ID AWS account ID related to the compute VPC. This field is deprecated. Field account_id can be learnt using vpc_id. GET /csm/aws/vpcs/ Hence, this field is optional. |
string | Deprecated |
| cloud_fallback_security_group_id | Id of Cloud Security Group Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false. |
string | |
| configuration | AWS Transit VPC Configuration All the required informations regarding a transit VPC will be absorbed as a part of this field. |
AwsTransitVpcConfig | Required |
| default_quarantine_policy_enabled | Flag to Identify if Default Quarantine Policy is Enabled Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| managed_without_agents | Managed Without NSX Agents This flag determines if this compute virtual private cloud is managed with or without NSX agents. |
boolean | Default: "False" |
| resource_type | Must be set to the value AwsComputeVpcConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AwsComputeVpcListRequestParameters (schema)
These paramaters will be used to filter the list of compute VPCs.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | AWS account ID Identifier for account based on which compute VPCs are to be filtered. |
string | |
| associated_transit_vpc_id | Transit VPC ID Identifier for filtering all the compute VPCs which are NSX managed by the given transit VPC. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vpc_id | VPC ID Identifier for VPC based on which the list can be filtered or can be used to validate that hierarchy is correct |
string |
AwsComputeVpcListResult (schema)
Compute Vpc list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Compute VPC Array of Compute VPCs |
array of AwsComputeVpcConfig | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsComputeVpcStatus (schema)
VPC Status
Stores onboard and offboard status of AWS VPC. There are 4 states in
onboarding a VPC using transit VPC and the corresponding states in
sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS,
CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in
offboarding a VPC and the corresponding states in sequence are
UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL.
The state of failure in onboarding or offboarding is indicated
by ONBOARD_FAILED and OFFBOARD_FAILED.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| configuration | AWS VPC Config Stores AWS VPC configuration. |
AwsVpcConfig | |
| error_code | Error Code Error code related to virtual private cloud Onboard/Offboard failure. |
integer | Readonly |
| error_message | Error Message Error message related to virtual private cloud Onboard/Offboard failure. |
string | Readonly |
| offboard_step | States of Virtual Private Cloud While OffBoard Stores the different states of virtual private cloud while offboarding from a transit virtual private cloud. |
string | Readonly Enum: UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS, OFFBOARD_SUCCESSFUL, OFFBOARD_FAILED, NOT_APPLICABLE |
| onboard_step | States of Virtual Private Cloud While Onboard Stores the different states of virtual private cloud while onboarding using a transit virtual private cloud. |
string | Readonly Enum: VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY, ONBOARD_SUCCESSFUL, ONBOARD_FAILED, NOT_APPLICABLE |
| status | Virtual Private Cloud Status Indicates the status of a virtual private cloud. UP: virtual private cloud is NSX managed. DOWN: virtual private cloud is NSX managed with errors. ONBOARDING: virtual private cloud is in the process of onboarding using a transit virtual private cloud. OFFBOARDING: virtual private cloud is in the process of offboarding from a transit virtual private cloud. NOT_APPLICABLE: virtual private cloud is NSX unmanaged. |
string | Readonly Enum: UP, DOWN, ONBOARDING, OFFBOARDING, NOT_APPLICABLE |
| virtual_private_cloud_name | Virtual Private Cloud Name Name of the transit virtual private cloud. |
string | Readonly |
AwsCredentials (schema)
AWS Account Credentials
Stores information about AWS account credentials.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| access_key | Access Key Access key of the AWS account. |
string | |
| gateway_role | Gateway Role Name Name of the IAM service role that should be attached to the Cloud Gateways deployed in the AWS account. Based on the permissions in the role, the gateways will have access to resources in the AWS account. |
string | |
| secret_key | Secret Key Secret key of the AWS account. |
string |
AwsGatewayAmiInfo (schema)
Aws Gateway Ami Information
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| ami_id | AMI id The ID of the Amazon Machine Image |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| region_id | Name of the Aws Region in which ami is present | string | Required |
| resource_type | Must be set to the value AwsGatewayAmiInfo | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AwsGatewayAmisListRequestParameters (schema)
These paramaters will be used to filter the list of AWS Gateway AMIs.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which list of AWS Gateway AMIs will be obtained | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AwsGatewayAmisListResult (schema)
List of Aws Gateway amis
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Aws Gateway amis list | array of AwsGatewayAmiInfo | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsGatewayConfig (schema)
AWS gateway configuration
Stores AWS gateway configuration like ami_id, key_pair_name and
gateway_ha_configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| ami_id | AMI id The ID of the Amazon Machine Image on which this gateway resides |
string | |
| ami_id_obsolete | Flag to identify if the AMI ID is related to the previous NSX release If this flag is set, NSX was upgraded after the gateway was deployed and this AMI ID should no longer be used |
boolean | Readonly Default: "False" |
| cloud_fallback_security_group_id | Id of cloud security group Id of security group where the VMs should be moved after last gateway undeployed. |
string | |
| default_quarantine_policy_enabled | Flag to identify if default quarantine policy is enabled | boolean | Default: "False" |
| dns_settings | DNS settings Settings related to Cloud gateway DNS configuration. This determines DNS configuration based on dns_mode. |
DnsSettings | Deprecated |
| gateway_connectivity_mode | Gateway Connectivity Mode Helps the user choose default connectivity mode that will be used between Cloud Service Manager and Gateway. PUBLIC IP: All the connections will go through the internet. When this mode is selected by the user, the user will have to select a public Ip address from the list of public IP's from the 'Public IP on Mgmt NIC' field. PRIVATE IP: All the connections will go through the VGW or any other configured VPN. When there is no input provided by the user, an attempt will be made using PRIVATE_IP (VGW) first and if that doesn't go through, an attempt will be made using PUBLIC_IP (IGW). And if both fail, it will cause an exception. |
string | Enum: PUBLIC_IP, PRIVATE_IP |
| gateway_ha_configuration | Aws Gateway HA configuration | array of AwsGatewayHaConfig | |
| is_ha_enabled | Flag to identify if HA is enabled | boolean | |
| key_pair_name | The key pair name required to authenticate into any instance | string | |
| managed_without_agents | Managed Without NSX Agents This flag determines if this virtual private cloud is managed with or without NSX agents. This flag is applicable only for this network. If this virtual private cloud is being managed without NSX agents, quarantine state and threat state will be NOT_APPLICABLE for all the virtual machines under it. |
boolean | Default: "False" |
| nsx_manager_connection | NSX Manager connection Determines if connection to NSX Manager is via public IP or private IP |
string | Enum: PUBLIC_IP, PRIVATE_IP |
| proxy_server_profile | Id of the proxy server profile Id of the proxy server profile, corresponding proxy settings will be applied while deploying the gateway. |
string | |
| target_disk_size | Target Disk Size This is the target disk size of the PCG appliance in GB. Based on this an additional disk is attached to the PCG appliance, if required. The supported size is 191 GB and this property should only be modified post upgrade for exisiting PCG appliances. |
integer | |
| vpn_service_enabled | Flag to enable or disable inter-operation with services via VPN Flag that will enable or disable inter-operation between NSX and non-NSX services via VPN. |
boolean | Default: "True" |
AwsGatewayDeployConfig (schema)
AWS gateway deployment configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| account_id | ID of the AWS account | string | Required |
| configuration | Configuration of this gateway | AwsGatewayConfig | Readonly |
| vpc_id | ID of the vpc | string | Required |
AwsGatewayHaConfig (schema)
AWS subnet configuration to deploy gateways
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| availability_zone | Availability Zone | string | Required |
| downlink_subnet | Downlink subnet | string | Required |
| gateway_ha_index | Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. | integer | Required |
| management_subnet | Management subnet | string | Required |
| private_ip_settings | Private IP settings for management interface Stores settings related to AWS gateway Private IP configuration. The private_ip will be attached to management interface of the gateway, based on the value of ip_allocation_mode. |
GatewayPrivateIp | |
| public_ip_settings | Public IP settings for management interface Stores settings related to AWS gateway Public IP configuration. The public_ip will be attached to management interface of the gateway, based on the value of ip_allocation_mode. |
GatewayPublicIp | |
| uplink_public_ip_settings | Public IP settings for uplink interface Stores settings related to AWS gateway Public IP configuration. The public_ip will be attached to uplink interface of the primary gateway, based on the value of ip_allocation_mode. |
GatewayPublicIp | |
| uplink_subnet | Uplink subnet | string | Required |
AwsGatewayInfo (schema)
AWS Gateway Information
Stores AWS gateway information like configuration and status.
| Name | Description | Type | Notes |
|---|---|---|---|
| configuration | Gateway Configuration Configuration of AWS gateway |
AwsGatewayConfig | Readonly |
| csm_ip_address | Cloud service manager IP address Cloud service manager IP address used to communicate with the AWS Vpc gateways. |
string | Readonly |
| gateway_status | Gateway Status Array of gateway statuses |
AwsGatewayStatus | Readonly |
AwsGatewayInstanceStatus (schema)
AWS gateway instance status
Stores information about AWS gateway instance status
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| configuration_operation_status | Status of different gateway configuration operations This property provides a consolidated status of supported gateway configuration operations. |
GatewayConfigOperationStatus | Readonly |
| deployment_step | Different states of gateway deployment | string | Readonly Enum: VALIDATING_ENVIRONMENT, COPYING_IMAGE, CREATING_SECURITY_GROUPS, LAUNCHING_GATEWAY, CREATING_NETWORK_INTERFACES, ATTACHING_NETWORK_INTERFACES, ATTACHING_SECURITY_GROUPS, CONFIGURING_GATEWAY, CREATING_LOGICAL_NETWORK_CONSTRUCTS, DEPLOYMENT_SUCCESSFUL, DEPLOYMENT_FAILED, UNCONFIGURING_GATEWAY, RELEASING_EIPS, TERMINATING_GATEWAY, DELETING_SECURITY_GROUPS, DELETING_CLOUD_RESOURCES, UNDEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_FAILED, NOT_APPLICABLE, CLEANUP_INPROGRESS, CLEANUP_FAILED |
| error_code | Error code for gateway operation failure | integer | Readonly |
| error_message | Error message for gateway operation failure | string | Readonly |
| gateway_ha_index | Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. | integer | |
| gateway_instance_id | ID of the gateway instance | string | |
| gateway_lcp_connectivity_status | Gateway to NSX Controller connectivity status Status of connectivity between NSX controller and public cloud gateway. |
string | Readonly Enum: UP, DOWN, DEGRADED, UNKNOWN |
| gateway_mpa_connectivity_status | Gateway to NSX Manager connectivity status Status of connectivity between NSX manager and public cloud gateway. |
string | Readonly Enum: UP, DOWN, UNKNOWN |
| gateway_name | Name of the gateway instance | string | |
| gateway_node_id | NSX Node ID of the public cloud gateway | string | |
| gateway_status | Gateway instance status | string | Readonly Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING, COPYING_IMAGE |
| gateway_tn_id | NSX transport node id of the public cloud gateway | string | |
| is_gateway_active | Flag to identify if this is an active gateway | boolean | Readonly |
| private_ip | Private IP address of the virtual machine | string | Readonly |
| public_ip | Public IP address of the virtual machine | string | Readonly |
| vpn_private_ip | VPN Private IP address Private IP address of the virtual machine for VPN |
string | Readonly |
AwsGatewayStatus (schema)
AWS Gateway Status
Stores AWS gateway status related information
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| gateway_cluster_id | NSX gateway cluster ID Cluster ID of NSX gateway |
string | |
| gateway_instances_status | Gateway Instances Status Array of gateway instances statuses |
array of AwsGatewayInstanceStatus | Readonly |
AwsGatewayUndeployConfig (schema)
AWS gateway undeployment configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| account_id | ID of the AWS account | string | Required |
| instance_id | ID of the gateway instance | string | Required |
AwsGatewaysListRequestParameters (schema)
These paramaters will be used to filter the list of AWS Gateways.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Optional identifier for account based on which AWS gateways list can be filtered. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which AWS gateways list can be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vpc_id | VPC ID Optional identifier for vpc based on which AWS gateways list can be filtered. |
string |
AwsGatewaysListResult (schema)
AWS Gateways List Result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Vpc list | array of AwsGatewayDeployConfig | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsKeyPair (schema)
Aws Key Pair
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| name | Name of the Aws Key Pair | string | Required |
AwsKeyPairList (schema)
List of Aws Key Pairs
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Aws Key Pairs list | array of AwsKeyPair | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsKeyPairListRequestParameters (schema)
These paramaters will be used to filter the list of subnets.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Identifier for account based on which list of key pairs will be obtained | string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which list of key pairs will be obtained | string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AwsPublicIpListResult (schema)
Aws Public IP List Result
Stores a list of Aws public IPs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AWS public IP Array of Aws public IPs. |
array of string | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsRegion (schema)
Aws Region Information
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| associated_account_ids | Associated AWS Account IDs Array of associated AWS account IDs. |
array of string | |
| availability_zones | Availability zones under this region | array of AwsAvailabilityZoneInfo | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_stats | Gateway statistics | GatewayStats | Readonly |
| has_managed_vpc | Has a managed VPC? | boolean | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance statistics | InstanceStats | Readonly |
| resource_type | Must be set to the value AwsRegion | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vpc_stats | VPC statistics | VpcStats | Readonly |
AwsRegionsListRequestParameters (schema)
These paramaters will be used to filter the list of regions.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Identifier for account based on which regions are to be filtered | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which the list can be filtered or can be used to validate that hierarchy is correct | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AwsRegionsListResult (schema)
AwsRegions list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Aws Regions list result | array of AwsRegion | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsResourcesListRequestParameters (schema)
Aws Resource List Request Parameters
A set of filter parameters to list Aws resources. Multiple parameters
can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Mandatory identifier for account based on which resources are to be filtered. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which resources are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vpc_id | AWS Virtual Private Center ID Optional identifier for "nsx.vpc" tag on which public IPs are to be filtered. |
string |
AwsSecurityGroup (schema)
AWS Security Group
Stores information about an AWS security group.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cloud_tags | Cloud Tags Array of tags associated to a cloud security group. |
array of CloudTag | Readonly |
| description | Security Group Description Description of AWS security group. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| inbound_rules | Inbound Rules Array of inbound rules of the AWS security group. |
array of AwsSecurityGroupRule | Readonly |
| instances_count | Count Of Instances Number of instances associated to cloud security group. |
integer | Readonly |
| is_managed_by_nsx | Is Managed By NSX If the flag is true, the cloud security group is managed by NSX. |
boolean | Readonly |
| nsx_security_group | NSX Security Group Stores information about the NSX security group corresponding to the AWS security group. |
SecurityGroup | Readonly |
| outbound_rules | Outbound Rules Array of outbound rules of the AWS security group. |
array of AwsSecurityGroupRule | Readonly |
| region_id | Region ID ID of the cloud region. |
string | Readonly |
| resource_type | Must be set to the value AwsSecurityGroup | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| security_group_id | Security Group ID ID of the cloud security group. |
string | Readonly |
| security_group_name | Security Group Name Name of the cloud security group. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AwsSecurityGroupRule (schema)
AWS Security Group Rule
Stores information about an AWS security group rule.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination | Destination Destination corresponding to the cloud security group rule. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| port_range | Port Range Port range corresponding to the cloud security group rule. |
string | Readonly |
| protocol | Protocol Protocol corresponding to the cloud security group rule. |
string | Readonly |
| resource_type | Must be set to the value AwsSecurityGroupRule | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| source | Source Source corresponding to the cloud security group rule. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type Type of AWS security group rule. |
string | Readonly |
AwsSecurityGroupsListRequestParameters (schema)
Aws Security Groups List Request Parameters
A set of filter parameters to list Aws security groups. Multiple parameters
can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Mandatory identifier for account based on which resources are to be filtered. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which resources are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vpc_id | Region ID Optional identifier for region based on which resources are to be filtered. |
string | Required |
AwsSecurityGroupsListResult (schema)
AWS Security Groups List Result
Stores a list of AWS security groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of AWS security groups. |
array of AwsSecurityGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsServiceEndpoint (schema)
AWS Service Endpoint
Stores information about any service endpoint which is provided by AWS. NSX
supported services are currently limited to Simple Storage Service (S3),
Relational Database Service (RDS), DynamoDB and Elastic Load Balancing.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cidrs | CIDRs Array of CIDRs associated to an AWS service. |
array of string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| nsx_security_groups | NSX security groups array Stores an array of NSX security groups associated to this cloud service endpoint. |
array of SecurityGroup | Readonly |
| resource_type | Must be set to the value AwsServiceEndpoint | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_endpoint_id | Service Endpoint ID Cloud provided ID of the service endpoint. |
string | Readonly |
| service_endpoint_type | Service Endpoint Type Cloud provided type of the service endpoint. |
string | Readonly |
| service_name | Service Name Name of the cloud service the endpoint is associated with. |
string | Readonly |
| service_type | Service type Stores the type of AWS service corresponding to this endpoint. AWS_RDS - Amazon Relational Database Service AWS_DYNAMODB - Amazon DynamoDB AWS_S3 - Amazon Simple Storage Service AWS_ELB - Amazon Elastic Load Balancer |
string | Readonly Enum: AWS_RDS, AWS_DYNAMODB, AWS_S3, AWS_ELB |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AwsServiceEndpointsListResult (schema)
AWS Service Endpoints List Result
Stores a list of service endpoints which are provided by AWS with
information about each of them. NSX supported services are currently
limited to Simple Storage Service (S3), Relational Database Service (RDS),
DynamoDB and Elastic Load Balancing.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of AWS service endpoints. |
array of AwsServiceEndpoint | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsSubnet (schema)
Aws subnet
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| availability_zone | string | ||
| cidr | IPV4 CIDR Block for the Vpc | string | Required Format: ipv4-cidr-block |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | ID of subnet | string | Required |
| resource_type | Must be set to the value AwsSubnet | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vpc_id | ID of the vpc | string | Required |
AwsSubnetListRequestParameters (schema)
These paramaters will be used to filter the list of subnets.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Identifier for account based on which subnets are to be filtered | string | Required |
| availability_zone_name | Identifier for availability zone based on which subnets are to be filtered | string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_name | Identifier for region based on which subnets are to be filtered This field is DEPRECATED. region_name will be learnt from vpc_id information. |
string | Deprecated |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vpc_id | Identifier for vpc based on which subnets are to be filtered | string | Required |
AwsSubnetListResult (schema)
Aws subnets list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Aws subnets list result | array of AwsSubnet | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsTransitVpcConfig (schema)
AWS Transit VPC Configuration
Stores the account IDs and VPC ID related to
the transit VPC.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | AWS account ID AWS account ID of the transit VPC. This field is deprecated. Field account_id can be learnt using vpc_id. GET /csm/aws/vpcs/ Hence, this field is optional. |
string | Deprecated |
| vpc_id | VPC ID VPC ID of the transit VPC. |
string | Required |
AwsTransitVpcInfo (schema)
AWS Transit VPC Information
Stores the account ID and VPC ID related to the transit VPC. A transit VPC is a AWS VPC in which public cloud gateways are deployed and is managing the workload VMs present in other compute VPCs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| associated_account_ids | Array of Cloud Account IDs Cloud account ID related to the virtual private cloud. |
array of string | Required Readonly |
| virtual_private_cloud_id | Virtual Private Cloud ID Virtual private cloud ID of the corresponding cloud. |
string | Required Readonly |
| virtual_private_cloud_name | Virtual Private Cloud name Virtual private cloud name of the corresponding cloud. |
string | Required Readonly |
AwsVirtualMachine (schema)
Aws Virtual Machine Information
Stores information about a AWS Virtual Machine
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_status | Agent Status UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on instance UNKNOWN - NSX Agent status is unknown NEEDS_UPDATE - NSX Agent running on instance needs to be updated |
string | Readonly Enum: UP, DOWN, NO_AGENT, UNKNOWN, NEEDS_UPDATE |
| agent_version | Agent version details | string | Readonly |
| associated_account_ids | Associated Cloud Account IDs Array of associated cloud account IDs. |
array of string | |
| availability_zone | AWS Availability Zone AWS availability zone in which virtual machine is residing |
string | Readonly |
| cloud_instance_type | Cloud Instance Type This field represents various type of service instances in cloud. VIRTUAL_MACHINE: Virtual machine deployed in public cloud. AWS_RDS_INSTANCE: Amazon Relational Database Service Instance. AWS_RDS_CLUSTER: Amazon Relational Database Service Cluster. AWS_APPLICATION_ELB_INSTANCE: Amazon Application Elastic LoadBalancer. AWS_CLASSIC_ELB_INSTANCE: Amazon Classic Elastic LoadBalancer. HORIZON_MANAGEMENT: Virtual Machines that are deployed on Microsoft Azure using Horizon Cloud Services(HCS) that are used for managing other instances in the network. This includes, Management VMs, Unified Access Gateway (UAG) VMs, Base VMs. HORIZON_VDI: Virtual Desktop Image (VDI) deployed on Microsoft Azure using Horizon Cloud Services(HCS). |
string | Readonly Enum: VIRTUAL_MACHINE, AWS_RDS_INSTANCE, AWS_RDS_CLUSTER, AWS_APPLICATION_ELB_INSTANCE, AWS_CLASSIC_ELB_INSTANCE, HORIZON_MANAGEMENT, HORIZON_VDI |
| cloud_tags | Cloud tags for the instance | array of CloudTag | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_messages | List of error messages List of error messages identified. Returns only error messages identified in the last 1 hour. |
array of ComputeInstanceErrorMessage | Readonly |
| gateway_ha_index | Gateway HA Index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. |
integer | |
| gateway_status | Gateway Status | string | Readonly Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING, COPYING_IMAGE |
| id | Unique identifier of this resource | string | Sortable |
| is_gateway | Flag to identify if this instance is a gateway node | boolean | Readonly |
| is_gateway_active | Flag to identify if this instance is an active gateway node | boolean | Readonly |
| logical_switch_display_name | Logical Switch display name | string | Readonly |
| logical_switch_id | Logical Switch ID | string | Readonly |
| managed_by_nsx | Indicate if instance is managed by NSX or not | boolean | Required Readonly |
| nsx_failed_rules_count | NSX failed rules count Number of NSX firewall rules failed to realize on cloud for the instance. |
integer | Readonly |
| nsx_ip | IP address provided by NSX | string | Readonly |
| nsx_security_group_mapping | NSX Security Group Mapping Map of cloud security groups associated to the instance and corresponding NSX security groups. |
array of SecurityGroupDetails | Readonly |
| nsx_security_rule_errors | NSX Security Rule Errors DEPRECATED. Array of NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
array of NsxSecurityRuleErrorDetails | Deprecated Readonly |
| nsx_security_rule_errors_count | NSX Security Rule Errors Count DEPRECATED. Count of the NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
integer | Deprecated Readonly |
| nsx_successful_rules_count | NSX successful rules count Number of NSX firewall rules successfully configured for this instance. |
integer | Readonly |
| os_details | Operating system details | string | Readonly |
| os_type | Operating system of the instance | string | Readonly |
| power_state | Power State Indicates the power state of the virtual machine as returned by AWS. |
string | Readonly Enum: PENDING, RUNNING, SHUTTING_DOWN, TERMINATED, STOPPING, STOPPED |
| private_ip | Private IP address of the instance | string | Readonly |
| public_ip | Public IP address of the instance | string | Readonly |
| quarantine_state | Quarantine State Indicates the quarantine state of the instance. QUARANTINED - This state implies instance is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies instance is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the instance [DEPRECATED - replaced with USERMANAGED]. USERMANAGED - This state implies that quarantine operation will not be performed on the instance. NOT_APPLICABLE - This state will be populated for agentless instance, Horizon Management instance. |
string | Readonly Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, USERMANAGED, NOT_APPLICABLE |
| region | AWS Region AWS region in which virtual machine is residing |
string | Readonly |
| resource_type | Must be set to the value AwsVirtualMachine | string | Required Enum: AwsVirtualMachine, AzureVirtualMachine |
| segment_display_name | Segment display name Segment display name on which this instance resides. |
string | Readonly |
| segment_id | Segment ID Segment ID on which this instance resides. |
string | Readonly |
| status | Instance status POWERED_ON - Powered on instance POWERED_OFF - Powered off instance MANAGED_GATEWAY - Instances that are public cloud gateways MANAGED - Instances that are managed by NSX UNMANAGED - Instances that are not managed by NSX or untagged ERRORED - Instances with no NSX Agent connectivity, NSX Agent is down, No NSX Policy configured for Agentless VMs or Error on NSX Policy rule realization. QUARANTINED - Instances which have been quarantined WHITELISTED - Instances which have been whitelisted [DEPRECATED - replaced with USERMANAGED] USERMANAGED - Instances which have been marked as usermanaged. |
string | Readonly Enum: POWERED_ON, POWERED_OFF, UNMANAGED, MANAGED_GATEWAY, MANAGED, ERRORED, QUARANTINED, WHITELISTED, USERMANAGED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| threat_state | Threat State Indicates the threat state of the instance. NORMAL - This state implies no threat has been detected and instance is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either instance is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless instance. |
string | Readonly Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE |
| vm_config_status | Status for user configurable properties | VmConfigStatus | Readonly |
| vm_extension_execution_status | VM extension script execution status UNKNOWN - This is the default state. Indicates no information available regarding extension execution. This can potentially occur for a VM when agent is installed out of band or if cloud_agent_automated_install_enabled flag is enabled for the VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful. This does not necessarily mean agent installation was successful. FAILED - Indicates VM extension script execution failed. |
string | Readonly |
| vpc | AWS VPC AWS VPC ID in which virtual machine is residing |
string | Readonly |
| vpc_name | AWS VPC name AWS VPC name in which virtual machine is residing |
string | Readonly |
AwsVpc (schema)
Vpc Information
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_info | Aws Agent Information Array of agent install and download instructions for various OS types. |
array of AgentInfo | Readonly |
| ami_id | AMI ID Amazon Machine Image is a special type of virtual appliance that is used to create a virtual machine with the Amazon Elastic Compute Cloud. It serves as the basic unit of deployment for services delivered using Amazon EC2 |
string | Readonly |
| associated_account_ids | Associated AWS Account IDs Array of associated AWS account IDs. |
array of string | |
| associated_transit_vpc | Associated AWS Transit VPC Stores the VPC ID and associated account IDs of the transit VPC. This property describes the associated transit VPC for a given AWS compute VPC. |
AwsTransitVpcInfo | Readonly |
| cidr | IPV4 CIDR Block for the Vpc This field is DEPRECATED as AWS started supporting multiple CIDR blocks per VPC. This field will return only the first CIDR block from the response received from AWS. Please use cidr_blocks to see the multiple CIDR blocks associated with the VPC. |
string | Deprecated Readonly Format: ipv4-cidr-block |
| cidr_blocks | IPv4 CIDR Block IPv4 CIDR Block of the virtual network. |
array of CidrBlock | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_info | Gateway details for the Vpc | AwsGatewayInfo | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Managed, unmanaged and error instance counts for the Vpc | InstanceStats | Readonly |
| is_management_vpc | Flag to identify if this is the management Vpc | boolean | Readonly Default: "False" |
| managed_vpcs | Array of NSX Managed Compute VPCs Array of compute VPCs managed by a transit VPC. This property describes array of managed compute VPC for a given transit VPC. |
array of ManagedVpcInfo | Readonly |
| op_status | AWS VPC Operational Status Operational status of the VPC. |
AwsVpcOpStatus | Readonly |
| region_id | Id of the AWS region | string | Readonly |
| resource_type | Must be set to the value AwsVpc | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_zones | Transport zones for the Vpc | array of TransportZoneInfo | Readonly |
| vpc_status | AWS Compute VPC Status Stores onboard and offboard states and corresponding error messages and error code related to AWS compute VPC. The status for a transit VPC should be obtained from gateway_info. |
AwsComputeVpcStatus | Readonly |
AwsVpcConfig (schema)
AWS VPC Configuration
Stores the configuration such as default_quarantine_policy_enabled and cloud_fallback_security_group_id for related AWS VPC.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cloud_fallback_security_group_id | Id of Cloud Security Group Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false. |
string | |
| default_quarantine_policy_enabled | Flag to Identify if Default Quarantine Policy is Enabled Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| managed_without_agents | Managed Without NSX Agents This flag determines if this compute virtual private cloud is managed with or without NSX agents. |
boolean | Default: "False" |
| resource_type | Must be set to the value AwsVpcConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AwsVpcListRequestParameters (schema)
These paramaters will be used to filter the list of Vpcs.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Identifier for account based on which vpcs are to be filtered | string | |
| associated_transit_vpc_id | Transit VPC ID Identifier for filtering all the compute VPCs which are NSX managed by the given transit VPC. |
string | |
| cidr | IPV4 CIDR Block for the Vpc | string | Format: ipv4-cidr-block |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| op_status | AWS VPC Operational Status Operational status of the VPC. |
AwsVpcOpStatus | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which vpcs are to be filtered | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| status_filter | Filter by overall VPC status MANAGED - VPC is managed by NSX UNMANAGED - VPC is not managed by NSX ERRORED - VPC is in error state |
string | Readonly Enum: MANAGED, UNMANAGED, ERRORED |
| vpc_id | Identifier for vpc based on which the list can be filtered or can be used to validate that hierarchy is correct | string |
AwsVpcListResult (schema)
Vpc list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Vpc list | array of AwsVpc | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AwsVpcOpStatus (schema)
Operational Status
Operational status of the AWS VPC. After
there are gateways deployed in a VPC, that VPC is called as transit
VPC and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VPC,
their status will be set as NSX_MANAGED_BY_TRANSIT_VPC.
NSX_GATEWAY_ERROR status means gateways are deployed in VPC, but no
gateway is UP and at least one gateway is DOWN. The remaining gateway
can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR
status will be shown in compute VPC when transit VPC is in
NSX_GATEWAY_ERROR state.
Status for all the rest of the VPCs will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.
| Name | Description | Type | Notes |
|---|---|---|---|
| AwsVpcOpStatus | Operational Status Operational status of the AWS VPC. After there are gateways deployed in a VPC, that VPC is called as transit VPC and it's status will be set as NSX_MANAGED_BY_GATEWAY. For all the compute VNets which are being managed by a transit VPC, their status will be set as NSX_MANAGED_BY_TRANSIT_VPC. NSX_GATEWAY_ERROR status means gateways are deployed in VPC, but no gateway is UP and at least one gateway is DOWN. The remaining gateway can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VPC when transit VPC is in NSX_GATEWAY_ERROR state. Status for all the rest of the VPCs will be NSX_UNMANAGED. NSX_MANAGED is deprecated. |
string | Readonly Enum: NSX_MANAGED_BY_GATEWAY, NSX_MANAGED_BY_TRANSIT_VPC, NSX_MANAGED, NSX_UNMANAGED, NSX_GATEWAY_ERROR, NSX_COMPUTE_ERROR |
Axes (schema)
Axes of a graph
Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.
| Name | Description | Type | Notes |
|---|---|---|---|
| x_label | Label for X axis of a graph | Label | |
| x_labels | A list of X-Axis Labels with condition support. A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used. |
array of Label | Minimum items: 0 |
| y_axis_unit_labels | A list of Y-Axis unit Labels with condition support. A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc. |
array of Label | Minimum items: 0 |
| y_axis_units | A list of Y-Axis unit with condition support. A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc. |
array of AxisUnit | Minimum items: 0 |
| y_label | Label for Y axis of a graph | Label | |
| y_labels | A list of Y-Axis Labels with condition support. A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used. |
array of Label | Minimum items: 0 |
AxisUnit (schema)
Axis unit of a graph
Represents X and Y axis unit of a graph.
| Name | Description | Type | Notes |
|---|---|---|---|
| condition | Expression for evaluating condition If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally. |
string | Maximum length: 1024 |
| unit | An Axis unit. An Axis unit. |
string | Enum: COUNT, PERCENT, BYTES, MILLISECONDS, SECONDS, MINUTE, HOUR, DAY, KILO_BYTES, MEGA_BYTES, GIGA_BYTES |
AzureAccount (schema)
Azure Account
Stores information about an Azure account
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auth_method | Azure account authorization method This property conveys the authorization method to use. Appropriate credentials/parameters will be expected based on this method selection. |
string | Readonly Enum: CREDENTIALS |
| auth_users | Authrized Users List of authorized users. |
array of CloudUserInfo | Readonly |
| cloud_type | Cloud Type | string | Required Enum: AWS, AZURE, GOOGLE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| credentials | Azure Credentials Credentials of Azure Account. |
AzureCredentials | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance statistics Stores statistics of the number of managed, unmanaged and error virtual machines. |
InstanceStats | Readonly |
| last_inventory_sync_date | Last inventory sync date Time when last inventory syncing completed. |
integer | Readonly |
| regions_config | List of regions configuration for the cloud account Configured list of regions to be used for the cloud account. |
RegionListConfig | |
| regions_count | Azure Regions Count Count of the Azure regions which have atleast one virtual network created. |
integer | Readonly |
| resource_type | Must be set to the value AzureAccount | string | |
| status | Azure Account Status Status of the Azure Account. |
AzureAccountStatus | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tenant_id | Tenant ID Tenant ID of the cloud account. |
string | Readonly |
| vnet_stats | Virtual Network Statistics Stores statistics of the number of MANAGED and UNMANAGED virtual networks. |
VnetStats | Readonly |
AzureAccountStatus (schema)
Azure Account Status
Stores information about Azure account status.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| credentials_status | Credentials Status Status of the cloud account credentials synced at the auto interval. |
string | Readonly Enum: VALID, INVALID |
| error_message | Error encountered while syncing azure inventory Error encountered while syncing azure inventory such as read timeout. |
string | Readonly |
| inventory_sync_status | Inventory Synchronization Status Status of inventory synchronization process. |
string | Readonly Enum: SYNCED, IN_PROGRESS |
| inventory_sync_step | Inventory sync step Step of the inventory synchronization process. |
string | Readonly Enum: SYNCING_AZURE_REGIONS, SYNCING_AZURE_VNETS, SYNCING_VMS, SYNCING_NSX_DATA, SYNCING_AZURE_GATEWAYS, SYNCING_MANAGED_INSTANCES, NOT_APPLICABLE |
AzureAccountsListRequestParameters (schema)
Azure account filter parameters
These parameters will be used to filter the list of accounts.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_type | Azure Cloud Type Type of Azure cloud. |
string | Enum: AZURE, AZURE_GOV_US |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AzureAccountsListResult (schema)
Azure Accounts List Result
Stores a list of Azure accounts.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure accounts. |
array of AzureAccount | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureComputeVNetConfig (schema)
Azure Compute VNet Configuration
Stores the parameters required for linking compute VNet
with the Transit VNet.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| account_id | Azure Account ID Azure account ID related to the compute VNet. This field is deprecated. Field account_id can be learnt using vnet_id. GET /csm/azure/vnets/ Hence, this field is optional. |
string | Deprecated |
| auto_agent_install_enabled | Auto Agent Install Enabled Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored. |
boolean | Default: "False" |
| cloud_fallback_security_group_id | Id of Cloud Security Group Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false. |
string | |
| configuration | Azure Transit VNet Configuration All the required informations regarding a transit VNet will be absorbed as a part of this field. |
AzureTransitVnetConfig | Required |
| default_quarantine_policy_enabled | Flag to Identify if Default Quarantine Policy is Enabled Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| managed_without_agents | Managed Without NSX Agents This flag determines if this compute virtual private cloud is managed with or without NSX agents. |
boolean | Default: "False" |
| resource_type | Must be set to the value AzureComputeVNetConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AzureComputeVNetListRequestParameters (schema)
These paramaters will be used to filter the list of compute VNets.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Azure Account ID Identifier for account based on which compute VNets are to be filtered. |
string | |
| associated_transit_vnet_id | Transit VNet ID Identifier for filtering all the compute VNets which are NSX managed by the given transit VNet. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | VNet ID Optional identifier for virtual network based on which compute virtual networks list can be filtered. It consists of resourceGuid of Azure VNet. |
string |
AzureComputeVNetListResult (schema)
Azure Compute VNet list
Stores a list of Azure compute virtual networks.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Compute VNets Array of Azure compute virtual networks. |
array of AzureComputeVNetConfig | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureComputeVnetStatus (schema)
VNet Status
Stores onboard and offboard status of Azure VNet. There are 4 states in
onboarding a VNet using transit VNet and the corresponding states in
sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS,
CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in
offboarding a VNet and the corresponding states in sequence are
UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL.
The state of failure in onboarding or offboarding is indicated
by ONBOARD_FAILED and OFFBOARD_FAILED.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| configuration | AZURE VNet Config Stores AZURE VNet configuration. |
AzureVNetConfig | |
| error_code | Error Code Error code related to virtual private cloud Onboard/Offboard failure. |
integer | Readonly |
| error_message | Error Message Error message related to virtual private cloud Onboard/Offboard failure. |
string | Readonly |
| offboard_step | States of Virtual Private Cloud While OffBoard Stores the different states of virtual private cloud while offboarding from a transit virtual private cloud. |
string | Readonly Enum: UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS, OFFBOARD_SUCCESSFUL, OFFBOARD_FAILED, NOT_APPLICABLE |
| onboard_step | States of Virtual Private Cloud While Onboard Stores the different states of virtual private cloud while onboarding using a transit virtual private cloud. |
string | Readonly Enum: VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY, ONBOARD_SUCCESSFUL, ONBOARD_FAILED, NOT_APPLICABLE |
| status | Virtual Private Cloud Status Indicates the status of a virtual private cloud. UP: virtual private cloud is NSX managed. DOWN: virtual private cloud is NSX managed with errors. ONBOARDING: virtual private cloud is in the process of onboarding using a transit virtual private cloud. OFFBOARDING: virtual private cloud is in the process of offboarding from a transit virtual private cloud. NOT_APPLICABLE: virtual private cloud is NSX unmanaged. |
string | Readonly Enum: UP, DOWN, ONBOARDING, OFFBOARDING, NOT_APPLICABLE |
| virtual_private_cloud_name | Virtual Private Cloud Name Name of the transit virtual private cloud. |
string | Readonly |
AzureCredentials (schema)
Azure Account Credentials
Stores information about Azure account credentials
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| client_id | Azure Account Client ID Client ID of the Azure account. |
string | |
| gateway_role | Azure role name for gateway Default Azure Managed Service Identity role that will be set to the Cloud Gateways deployed in the Azure account. Based on the permissions in the role, the gateways will have access to resources in the Azure account. |
string | |
| key | Azure Account Key Key of the Azure account. Used only to take input. Will never be returned in any API response. |
string | |
| subscription_id | Azure Account Subscription ID Subscription ID of the Azure account. |
string | |
| tenant_id | Azure Account Tenant ID Tenant ID of the Azure account. |
string |
AzureGatewayConfig (schema)
Azure gateway configuration
Stores Azure gateway configuration like image_id, ssh_key and
gateway_ha_configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| auto_agent_install_enabled | Auto Agent Install Enabled Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored. |
boolean | Default: "False" |
| cloud_fallback_security_group_id | Id of cloud security group Id of security group where the VMs should be moved after last gateway undeployed. |
string | |
| default_quarantine_policy_enabled | Flag to identify if default quarantine policy is enabled | boolean | Default: "False" |
| dns_settings | DNS settings Settings related to Cloud gateway DNS configuration. This determines DNS configuration based on dns_mode. |
DnsSettings | Deprecated |
| gateway_connectivity_mode | Gateway Connectivity Mode Helps the user choose default connectivity mode that will be used between Cloud Service Manager and Gateway. PUBLIC IP: All the connections will go through the internet. When this mode is selected by the user, the user will have to select a public Ip address from the list of public IP's from the 'Public IP on Mgmt NIC' field. PRIVATE IP: All the connections will go through the VGW or any other configured VPN. When there is no input provided by the user, an attempt will be made using PRIVATE_IP (VGW) first and if that doesn't go through, an attempt will be made using PUBLIC_IP (IGW). And if both fail, it will cause an exception. |
string | Enum: PUBLIC_IP, PRIVATE_IP |
| gateway_ha_configuration | Azure Gateway HA configuration | array of AzureGatewayHaConfig | |
| image_id | NSX PCG Image ID The ID of the Public Cloud Gateway image in Azure |
string | |
| image_id_obsolete | Flag to identify if the image ID is related to the previous NSX release If this flag is set, NSX was upgraded after the gateway was deployed and this image ID should no longer be used |
boolean | Readonly Default: "False" |
| is_ha_enabled | Flag to identify if HA is enabled | boolean | |
| managed_without_agents | Managed Without NSX Agents This flag determines if this virtual private cloud is managed with or without NSX agents. This flag is applicable only for this network. If this virtual private cloud is being managed without NSX agents, quarantine state and threat state will be NOT_APPLICABLE for all the virtual machines under it. |
boolean | Default: "False" |
| nsx_manager_connection | NSX Manager connection Determines if connection to NSX Manager is via public IP or private IP |
string | Enum: PUBLIC_IP, PRIVATE_IP |
| proxy_server_profile | Id of the proxy server profile Id of the proxy server profile, corresponding proxy settings will be applied while deploying the gateway. |
string | |
| ssh_key | SSH Key This key will be associated to Public Cloud Gateway instance while it is launched in Azure. |
string | |
| storage_account_name | Azure Storage Account Name Azure Storage Account where gateway image will be copied. |
string | |
| target_disk_size | Target Disk Size This is the target disk size of the PCG appliance in GB. Based on this an additional disk is attached to the PCG appliance, if required. The supported size is 191 GB and this property should only be modified post upgrade for exisiting PCG appliances. |
integer | |
| vpn_service_enabled | Flag to enable or disable inter-operation with services via VPN Flag that will enable or disable inter-operation between NSX and non-NSX services via VPN. |
boolean | Default: "True" |
AzureGatewayDeployConfig (schema)
Azure gateway deployment configuration
Stores configuration for Azure gateway deployment request.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| account_id | Azure Account ID ID of the Azure account. |
string | Required |
| configuration | Azure Gateway Configuration Configuration of Azure gateway. |
AzureGatewayConfig | Required |
| vnet_id | Azure Virtual Network ID ID of the Azure Virtual Network. It consists of resourceGuid of Azure Vnet. |
string | Required |
AzureGatewayHaConfig (schema)
Azure subnet configuration to deploy gateways
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| downlink_subnet | Downlink subnet | string | Required |
| gateway_ha_index | Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. | integer | Required |
| management_subnet | Management subnet | string | Required |
| private_ip_settings | Private IP settings for management interface Stores settings related to Azure gateway Private IP configuration. The private_ip will be attached to management interface of the gateway, based on the value of ip_allocation_mode. |
GatewayPrivateIp | |
| public_ip_settings | Public IP settings Stores settings related to Azure gateway Public IP configuration. The public_ip will be attached for management interface of the gateway. |
GatewayPublicIp | |
| uplink_public_ip_settings | Public IP settings for uplink interface Stores settings related to Azure gateway Public IP configuration. The public_ip will be attached to uplink interface of the primary gateway, based on the value of ip_allocation_mode. |
GatewayPublicIp | |
| uplink_subnet | Uplink subnet | string | Required |
AzureGatewayInfo (schema)
Azure Gateway Information
Stores azure gateway information like configuration and status.
| Name | Description | Type | Notes |
|---|---|---|---|
| configuration | Gateway Configuration Configuration of Azure gateway. |
AzureGatewayConfig | Readonly |
| csm_ip_address | Cloud service manager IP address Cloud service manager IP address used to communicate with the Azure VNet gateways. |
string | Readonly |
| gateway_status | Gateway Status Array of gateway statuses. |
AzureGatewayStatus | Readonly |
AzureGatewayInstanceStatus (schema)
Azure gateway instance status
Stores information about Azure gateway instance status
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| azure_image_bytes_copied | Bytes copied, while copying image Displays number of bytes copied, while copying gateway image. |
integer | Readonly |
| azure_image_copy_progress | Progress Percentage for image copy Displays progress percentage while copying gateway image. |
integer | Readonly |
| azure_image_total_bytes | Total bytes required to be copied, for copying image Displays total number of bytes required to be copied, for copying gateway image. |
integer | Readonly |
| configuration_operation_status | Status of different gateway configuration operations This property provides a consolidated status of supported gateway configuration operations. |
GatewayConfigOperationStatus | Readonly |
| deployment_step | Different states of gateway deployment | string | Readonly Enum: VALIDATING_ENVIRONMENT, COPYING_IMAGE, CREATING_SECURITY_GROUPS, LAUNCHING_GATEWAY, CREATING_NETWORK_INTERFACES, ATTACHING_NETWORK_INTERFACES, ATTACHING_SECURITY_GROUPS, CONFIGURING_GATEWAY, CREATING_LOGICAL_NETWORK_CONSTRUCTS, DEPLOYMENT_SUCCESSFUL, DEPLOYMENT_FAILED, UNCONFIGURING_GATEWAY, RELEASING_EIPS, TERMINATING_GATEWAY, DELETING_SECURITY_GROUPS, DELETING_CLOUD_RESOURCES, UNDEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_FAILED, NOT_APPLICABLE, CLEANUP_INPROGRESS, CLEANUP_FAILED |
| error_code | Error code for gateway operation failure | integer | Readonly |
| error_message | Error message for gateway operation failure | string | Readonly |
| gateway_ha_index | Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. | integer | |
| gateway_instance_id | ID of the gateway instance | string | |
| gateway_lcp_connectivity_status | Gateway to NSX Controller connectivity status Status of connectivity between NSX controller and public cloud gateway. |
string | Readonly Enum: UP, DOWN, DEGRADED, UNKNOWN |
| gateway_mpa_connectivity_status | Gateway to NSX Manager connectivity status Status of connectivity between NSX manager and public cloud gateway. |
string | Readonly Enum: UP, DOWN, UNKNOWN |
| gateway_name | Name of the gateway instance | string | |
| gateway_node_id | NSX Node ID of the public cloud gateway | string | |
| gateway_status | Gateway instance status | string | Readonly Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING, COPYING_IMAGE |
| gateway_tn_id | NSX transport node id of the public cloud gateway | string | |
| is_gateway_active | Flag to identify if this is an active gateway | boolean | Readonly |
| private_ip | Private IP address of the virtual machine | string | Readonly |
| public_ip | Public IP address of the virtual machine | string | Readonly |
| vpn_private_ip | VPN Private IP address Private IP address of the virtual machine for VPN |
string | Readonly |
AzureGatewayStatus (schema)
Azure Gateway Status
Stores Azure gateway status related information
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| gateway_cluster_id | NSX gateway cluster ID Cluster ID of NSX gateway |
string | |
| gateway_instances_status | Gateway Instances Status Array of gateway instances statuses |
array of AzureGatewayInstanceStatus | Readonly |
AzureGatewayUndeployConfig (schema)
Azure gateway undeployment configuration
Stores configuration for Azure gateway undeployment request.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| account_id | Azure Account ID ID of the Azure account. |
string | Required |
| instance_id | Azure Instance ID ID of the gateway instance. |
string | Required |
AzureGatewaysListRequestParameters (schema)
Azure Gateways List Request Parameters
A set of optional filter parameters to list Azure gateways. Multiple
parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Azure Account ID Optional identifier for account based on which Azure gateways list can be filtered. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Azure Region ID Optional identifier for region based on which Azure Gateways list can be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | Azure Virtual Network ID Optional identifier for virtual network based on which Azure Gateways list can be filtered. It consists of resourceGuid of Azure Vnet. |
string |
AzureGatewaysListResult (schema)
Azure Gateways List Result
Stores a list of Azure gateways.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure gateways. |
array of AzureGatewayDeployConfig | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureIpAllocationConfig (schema)
Cloud IP allocation configuration
Azure cloud specific configuration parameters to create IP allocations for
a Pivotal Application Service / Pivotal Cloud Foundry foundation.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cloud_account_id | Cloud Account ID ID of the Cloud Account in which the IPs are allocated. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_allocation_mode | IP Allocation Mode PUBLIC_IP: Allocate new public IP. LINK_LOCAL_IP: Allocate new link local IP. |
string | Enum: PUBLIC_IP, LINK_LOCAL_IP Default: "PUBLIC_IP" |
| ip_allocation_type | IP allocation type Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT. |
string | Enum: PAS, NAT Default: "PAS" |
| number_of_allocations | Number of IP allocations required. | integer | Required |
| resource_type | Must be set to the value AzureIpAllocationConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vnet_id | Vnet ID ID of the Azure Vnet in which the IPs are allocated. |
string | Required |
AzureIpAllocationMappings (schema)
Cloud IP allocation mappings
Stores information about Cloud IP mapping for a Pivotal Application Service
/ Pivotal Cloud Foundry foundation.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cloud_account_id | Cloud Account ID ID of the Cloud Account in which the IPs are allocated. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_code | Error code for IP allocation failure | integer | Readonly |
| error_message | Error message for IP allocation failure | string | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| ip_allocation_type | IP allocation type Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT. |
string | Readonly Enum: PAS, NAT Default: "PAS" |
| ip_mappings | IP mappings for a foundation. | array of CloudIpAllocationMapping | Readonly |
| ip_operation_status | IP Allocation State Indicates the state of the IP allocation or de-allocation. ALLOCATION_IN_PROGRESS: IP allocation is in progress. DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress. SUCCESSFUL: IP allocation is successful. Successful de-allocation can be confirmed if the status API for this mapping returns a 404 error. FAILED: IP allocation or de-allocation failed. |
string | Readonly Enum: ALLOCATION_IN_PROGRESS, DELETION_IN_PROGRESS, SUCCESSFUL, FAILED |
| resource_type | Must be set to the value AzureIpAllocationMappings | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vnet_id | Vnet ID ID of the Azure Vnet in which the IPs are allocated. |
string | Readonly |
AzureIpMappingsListRequestParameters (schema)
These paramaters will be used to filter the list of IP allocation mappings.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_account_id | Cloud Account ID ID of the Cloud Account in which the IPs are allocated. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| display_name | Name of IP Mappings Name of IP Mappings. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_allocation_type | IP allocation type Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT. |
string | Enum: PAS, NAT Default: "PAS" |
| mapping_id | Mapping ID ID of the mapping returned in IP allocation request. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | Vnet ID ID of the Azure Vnet in which the IPs are allocated. |
string |
AzureIpMappingsListResult (schema)
Cloud IP Mappings List Result
Stores a list of Cloud IP mappings.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cloud IP mappings Results Array of Cloud public/link local IP to secondary IP mappings. |
array of AzureIpAllocationMappings | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzurePublicIpListRequestParameters (schema)
Azure Public IP List Request Parameters
A set of filter parameters to list Azure Public IPs. Multiple parameters
can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Mandatory identifier for account based on which public IPs are to be filtered. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which public IPs are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | Azure Virtual Network ID Optional identifier for "nsx.vnet" tag on which public IPs are to be filtered. |
string |
AzurePublicIpListResult (schema)
Azure Public IP List Result
Stores a list of Azure public IPs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Azure Public IP Array of Azure Public IPs. |
array of string | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureRegion (schema)
Azure Region Information
Stores information about an Azure region.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| associated_account_ids | Associated Azure Account IDs Array of associated Azure account IDs. |
array of string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_stats | Gateway Statistics Stores statistics of the number of UP, DOWN and DEPLOYING gateways. |
GatewayStats | Readonly |
| has_managed_vnet | Has a managed Virtual Network? | boolean | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance Statistics Stores statistics of the number of MANAGED, UNMANAGED and ERROR instances. |
InstanceStats | Readonly |
| resource_type | Must be set to the value AzureRegion | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vnet_stats | Virtual Network Statistics Stores statistics of the number of MANAGED and UNMANAGED virtual networks. |
VnetStats | Readonly |
AzureRegionsListRequestParameters (schema)
Azure Regions List Request Parameters
A set of optional filter parameters to list Azure regions. Multiple
parameters can be given as input to use 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Azure Account ID Optional identifier for account based on which regions list can be filtered. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Azure Region ID Optional identifier for region based on which the regions list can be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AzureRegionsListResult (schema)
Azure Regions List Result
A list of Azure regions.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure regions. |
array of AzureRegion | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureResourceGroup (schema)
Azure Resource Group
Stores Azure resource group information.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| resource_group_id | Id of resource group Id of resource group. |
string | |
| resource_group_name | Name of resource group Name of resource group. |
string |
AzureResourceGroupsListResult (schema)
Azure Resource Groups List Result
Stores a list of Azure resource groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Azure resource groups Results Array of Azure resource groups. |
array of AzureResourceGroup | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureResourcesListRequestParameters (schema)
Azure Resource List Request Parameters
A set of filter parameters to list Azure resources. Multiple parameters
can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Optional identifier for account based on which resources are to be filtered. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| is_managed_by_nsx | Is Managed By NSX Filter parameter to obtain security groups which are managed by NSX. |
boolean | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which resources are to be filtered. |
string | |
| resource_group_id | Resource Group ID Optional identifier for resource group id based on which resources are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | Virtual Network ID Optional identifier for virtual network based on which resources are to be filtered. |
string |
AzureSecurityGroup (schema)
Azure VNet Security Group
Stores information about an Azure VNet security group.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| associated_vnet_ids | VNet IDs Array of VNet IDs. |
array of string | Readonly |
| cloud_tags | Cloud Tags Array of tags associated to a cloud security group. |
array of CloudTag | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| inbound_rules | Inbound Rules Array of inbound rules of the Azure security group. |
array of AzureSecurityGroupRule | Readonly |
| instances_count | Count Of Instances Number of instances associated to cloud security group. |
integer | Readonly |
| is_managed_by_nsx | Is Managed By NSX If the flag is true, the cloud security group is managed by NSX. |
boolean | Readonly |
| nsx_security_group_mapping | NSX Security Group Mapping Map of cloud application security groups associated to this Azure network security group and corresponding NSX security groups. |
array of SecurityGroupDetails | Readonly |
| outbound_rules | Outbound Rules Array of outbound rules of the Azure security group. |
array of AzureSecurityGroupRule | Readonly |
| region_id | Region ID ID of the cloud region. |
string | Readonly |
| resource_group_name | Resource Group Name Name of the Azure resource group. |
string | Readonly |
| resource_id | Resource ID Resource ID of Azure Network Security Group. |
string | Readonly |
| resource_type | Must be set to the value AzureSecurityGroup | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| security_group_id | Security Group ID ID of the cloud security group. |
string | Readonly |
| security_group_name | Security Group Name Name of the cloud security group. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AzureSecurityGroupRule (schema)
Azure Security Group Rule
Stores information about an Azure security group rule.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| action | Action Action configured for the Azure security group rule. |
string | Readonly Enum: ALLOW, DENY |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination | Destination Destination corresponding to the cloud security group rule. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| port_range | Port Range Port range corresponding to the cloud security group rule. |
string | Readonly |
| priority | Priority Priority of the Azure security group rule. |
integer | Readonly |
| protocol | Protocol Protocol corresponding to the cloud security group rule. |
string | Readonly |
| resource_type | Must be set to the value AzureSecurityGroupRule | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| source | Source Source corresponding to the cloud security group rule. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AzureSecurityGroupsListResult (schema)
Azure Security Groups List Result
Stores a list of Azure security groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure security groups. |
array of AzureSecurityGroup | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureServiceEndpoint (schema)
Azure Service Endpoint
Stores endpoint information about any service which is provided by Azure. NSX
supported services are currently limited to Azure Storage, Azure SQL
Database, Azure Cosmos DB and Azure Load Balancer.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| nsx_security_groups | NSX security groups array Stores an array of NSX security groups associated to this cloud service endpoint. |
array of SecurityGroup | Readonly |
| resource_type | Must be set to the value AzureServiceEndpoint | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_endpoint_id | Service Endpoint ID Cloud provided ID of the service endpoint. |
string | Readonly |
| service_endpoint_type | Service Endpoint Type Cloud provided type of the service endpoint. |
string | Readonly |
| service_name | Service Name Name of the cloud service the endpoint is associated with. |
string | Readonly |
| service_type | Service type Stores the type of Azure service corresponding to this endpoint. AZURE_COSMOSDB - Azure Cosmos DB AZURE_SQL - Azure SQL Database AZURE_STORAGE - Azure Storage AZURE_LOAD_BALANCER - Azure Load Balancer |
string | Readonly Enum: AZURE_COSMOSDB, AZURE_SQL, AZURE_STORAGE, AZURE_LOAD_BALANCER |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AzureServiceEndpointsListRequestParameters (schema)
These paramaters will be used to filter the list of Azure service endpoints.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| service_endpoint_id | Azure Service Endpoint ID Optional ID of Azure service endpoint based on which the list of service endpoints are to be filtered. |
string | |
| service_name | Azure Service Name Optional name of Azure service based on which the list of service endpoints are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AzureServiceEndpointsListResult (schema)
Azure Service Endpoints List Result
Stores a list of service endpoints which are provided by Azure with
information about each of them. NSX supported services are currently
limited to Azure Storage, Azure SQL Database, Azure Cosmos DB and Azure
Load Balancer.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure service endpoints. |
array of AzureServiceEndpoint | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureStorageAccount (schema)
Azure Storage Account
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| name | Name of the Azure Storage Account | string | Required |
AzureStorageAccountList (schema)
List of Azure Storage Accounts
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Azure Storage Accounts list | array of AzureStorageAccount | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureStorageAccountsListRequestParameters (schema)
These paramaters will be used to filter the list of storage accounts.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Identifier for account based on which list of storage accounts will be obtained | string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Identifier for region based on which list of storage accounts will be obtained | string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AzureSubnet (schema)
Azure Subnet
Stores information about an Azure subnet.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| address_space | Azure subnet address space Address space of the subnet in IPv4 CIDR block format. |
string | Readonly Format: ipv4-cidr-block |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | ID of Subnet | string | Readonly |
| resource_type | Must be set to the value AzureSubnet | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| vnet_id | Azure Virtual Network ID ID of the Azure Virtual Network.It consists of resourceGuid of Azure Vnet. |
string | Readonly |
AzureSubnetListRequestParameters (schema)
Azure Subnet List Request Parameters
A set of filter parameters to list Azure subnets. Multiple parameters can
be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Mandatory identifier for account based on which subnets are to be filtered. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID This field is DEPRECATED. region_id will be learnt from vnet_id information. |
string | Deprecated |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vnet_id | Virtual Network ID Identifier for vnet based on which subnets are to be filtered. It consists of resourceGuid of Azure Vnet. |
string | Required |
AzureSubnetListResult (schema)
Azure subnets List Result
Stores a list of Azure subnets.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure subnets. |
array of AzureSubnet | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureTransitVnetConfig (schema)
Azure Transit VNet Configuration
Stores the account IDs and VNet ID related to
the transit VNet.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Azure account ID Azure account ID of the transit VNet. This field is deprecated. Field account_id can be learnt using vnet_id. GET /csm/azure/vnets/ Hence, this field is optional. |
string | Deprecated |
| vnet_id | VNet ID VNet ID of the transit VNet. |
string | Required |
AzureTransitVnetInfo (schema)
Azure Transit VNet Information
Stores the account ID and VNet ID related to the transit VNet. A transit VNet is a Azure VNet in which public cloud gateways are deployed and is managing the workload VMs present in other compute VNets.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| associated_account_ids | Array of Cloud Account IDs Cloud account ID related to the virtual private cloud. |
array of string | Required Readonly |
| virtual_private_cloud_id | Virtual Private Cloud ID Virtual private cloud ID of the corresponding cloud. |
string | Required Readonly |
| virtual_private_cloud_name | Virtual Private Cloud name Virtual private cloud name of the corresponding cloud. |
string | Required Readonly |
AzureVNetConfig (schema)
AZURE VNet Configuration
Stores the configuration such as default_quarantine_policy_enabled, cloud_fallback_security_group_id and auto_agent_install_enabled for correponding AZURE VNet.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auto_agent_install_enabled | Auto Agent Install Enabled Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored. |
boolean | Default: "False" |
| cloud_fallback_security_group_id | Id of Cloud Security Group Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false. |
string | |
| default_quarantine_policy_enabled | Flag to Identify if Default Quarantine Policy is Enabled Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not. |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| managed_without_agents | Managed Without NSX Agents This flag determines if this compute virtual private cloud is managed with or without NSX agents. |
boolean | Default: "False" |
| resource_type | Must be set to the value AzureVNetConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AzureVirtualMachine (schema)
Azure Virtual Machine Information
Stores information about a Azure Virtual Machine
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_status | Agent Status UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on instance UNKNOWN - NSX Agent status is unknown NEEDS_UPDATE - NSX Agent running on instance needs to be updated |
string | Readonly Enum: UP, DOWN, NO_AGENT, UNKNOWN, NEEDS_UPDATE |
| agent_version | Agent version details | string | Readonly |
| associated_account_ids | Associated Cloud Account IDs Array of associated cloud account IDs. |
array of string | |
| cloud_instance_type | Cloud Instance Type This field represents various type of service instances in cloud. VIRTUAL_MACHINE: Virtual machine deployed in public cloud. AWS_RDS_INSTANCE: Amazon Relational Database Service Instance. AWS_RDS_CLUSTER: Amazon Relational Database Service Cluster. AWS_APPLICATION_ELB_INSTANCE: Amazon Application Elastic LoadBalancer. AWS_CLASSIC_ELB_INSTANCE: Amazon Classic Elastic LoadBalancer. HORIZON_MANAGEMENT: Virtual Machines that are deployed on Microsoft Azure using Horizon Cloud Services(HCS) that are used for managing other instances in the network. This includes, Management VMs, Unified Access Gateway (UAG) VMs, Base VMs. HORIZON_VDI: Virtual Desktop Image (VDI) deployed on Microsoft Azure using Horizon Cloud Services(HCS). |
string | Readonly Enum: VIRTUAL_MACHINE, AWS_RDS_INSTANCE, AWS_RDS_CLUSTER, AWS_APPLICATION_ELB_INSTANCE, AWS_CLASSIC_ELB_INSTANCE, HORIZON_MANAGEMENT, HORIZON_VDI |
| cloud_network_security_group | Cloud Network Security Group Stores information about the cloud network security group associated to the virtual machine. |
SecurityGroup | Readonly |
| cloud_tags | Cloud tags for the instance | array of CloudTag | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_messages | List of error messages List of error messages identified. Returns only error messages identified in the last 1 hour. |
array of ComputeInstanceErrorMessage | Readonly |
| gateway_ha_index | Gateway HA Index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. |
integer | |
| gateway_status | Gateway Status | string | Readonly Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING, COPYING_IMAGE |
| id | Unique identifier of this resource | string | Sortable |
| is_gateway | Flag to identify if this instance is a gateway node | boolean | Readonly |
| is_gateway_active | Flag to identify if this instance is an active gateway node | boolean | Readonly |
| logical_switch_display_name | Logical Switch display name | string | Readonly |
| logical_switch_id | Logical Switch ID | string | Readonly |
| managed_by_nsx | Indicate if instance is managed by NSX or not | boolean | Required Readonly |
| nsx_failed_rules_count | NSX failed rules count Number of NSX firewall rules failed to realize on cloud for the instance. |
integer | Readonly |
| nsx_ip | IP address provided by NSX | string | Readonly |
| nsx_security_group_mapping | NSX Security Group Mapping Map of cloud security groups associated to the instance and corresponding NSX security groups. |
array of SecurityGroupDetails | Readonly |
| nsx_security_rule_errors | NSX Security Rule Errors DEPRECATED. Array of NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
array of NsxSecurityRuleErrorDetails | Deprecated Readonly |
| nsx_security_rule_errors_count | NSX Security Rule Errors Count DEPRECATED. Count of the NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
integer | Deprecated Readonly |
| nsx_successful_rules_count | NSX successful rules count Number of NSX firewall rules successfully configured for this instance. |
integer | Readonly |
| os_details | Operating system details | string | Readonly |
| os_type | Operating system of the instance | string | Readonly |
| power_state | Power State Indicates power state of the virtual machine as returned by Azure. |
string | Readonly Enum: RUNNING, DEALLOCATING, DEALLOCATED, STARTING, STOPPED, STOPPING, UNKNOWN |
| private_ip | Private IP address of the instance | string | Readonly |
| public_ip | Public IP address of the instance | string | Readonly |
| quarantine_state | Quarantine State Indicates the quarantine state of the instance. QUARANTINED - This state implies instance is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies instance is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the instance [DEPRECATED - replaced with USERMANAGED]. USERMANAGED - This state implies that quarantine operation will not be performed on the instance. NOT_APPLICABLE - This state will be populated for agentless instance, Horizon Management instance. |
string | Readonly Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, USERMANAGED, NOT_APPLICABLE |
| region | Azure region Azure region in which virtual machine is residing |
string | Readonly |
| resource_group | Resource Group Resource Group of the Azure Virtual Machine. |
string | Readonly |
| resource_id | Azure Virtual Machine resource id Resource Id of Azure Virtual Machine. |
string | Readonly |
| resource_type | Must be set to the value AzureVirtualMachine | string | Required Enum: AwsVirtualMachine, AzureVirtualMachine |
| segment_display_name | Segment display name Segment display name on which this instance resides. |
string | Readonly |
| segment_id | Segment ID Segment ID on which this instance resides. |
string | Readonly |
| status | Instance status POWERED_ON - Powered on instance POWERED_OFF - Powered off instance MANAGED_GATEWAY - Instances that are public cloud gateways MANAGED - Instances that are managed by NSX UNMANAGED - Instances that are not managed by NSX or untagged ERRORED - Instances with no NSX Agent connectivity, NSX Agent is down, No NSX Policy configured for Agentless VMs or Error on NSX Policy rule realization. QUARANTINED - Instances which have been quarantined WHITELISTED - Instances which have been whitelisted [DEPRECATED - replaced with USERMANAGED] USERMANAGED - Instances which have been marked as usermanaged. |
string | Readonly Enum: POWERED_ON, POWERED_OFF, UNMANAGED, MANAGED_GATEWAY, MANAGED, ERRORED, QUARANTINED, WHITELISTED, USERMANAGED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| threat_state | Threat State Indicates the threat state of the instance. NORMAL - This state implies no threat has been detected and instance is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either instance is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless instance. |
string | Readonly Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE |
| vm_config_status | Status for user configurable properties | VmConfigStatus | Readonly |
| vm_extension_execution_status | VM extension script execution status UNKNOWN - This is the default state. Indicates no information available regarding extension execution. This can potentially occur for a VM when agent is installed out of band or if cloud_agent_automated_install_enabled flag is enabled for the VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful. This does not necessarily mean agent installation was successful. FAILED - Indicates VM extension script execution failed. |
string | Readonly |
| vnet | Azure virtual network Azure virtual network ID in which virtual machine is residing |
string | Readonly |
| vnet_name | Azure virtual network name Azure virtual network name in which virtual machine is residing |
string | Readonly |
AzureVnet (schema)
Azure VNet
Stores information about an Azure VNet (Virtual Network).
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_info | Azure Agent Information Array of agent install and download instructions for various OS types. |
array of AgentInfo | Readonly |
| associated_account_ids | Associated Azure Account IDs Array of associated Azure account IDs. |
array of string | |
| associated_transit_vnet | Associated Azure Transit VNet Stores the VNet ID and associated account IDs of the transit VNet. This property describes the associated transit VNet for a given Azure compute VNet. |
AzureTransitVnetInfo | Readonly |
| capabilities | List of external capabilities that are discovered on this virtual network This parameter will list out all external services and/or any other capabilities that are discovered by NSX on this virtual network. The array is empty by default. |
array of string | Readonly Enum: HORIZON |
| cidr_blocks | IPv4 CIDR Block IPv4 CIDR Block of the virtual network. |
array of CidrBlock | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_info | Gateway Info Gateway information of the virtual network like configuration and status. |
AzureGatewayInfo | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance Statistics Stores statistics of the number of MANAGED, UNMANAGED, ERRORED and POWERED_OFF instances. |
InstanceStats | Readonly |
| is_management_vnet | Is Management VNet? This flag indicates if this is a management virtual network. |
boolean | Readonly Default: "False" |
| managed_vnets | Array of NSX Managed Compute VNets Array of compute VNets managed by a transit VNet. This property describes array of managed compute VNet for a given transit VNet. |
array of ManagedVnetInfo | Readonly |
| op_status | Azure VNet Operational Status Operational status of the virtual network. |
AzureVnetOpStatus | Readonly |
| region_id | Region ID ID of the Azure region. |
string | Readonly |
| resource_group | Resource Group Resource Group of the Azure VNet. |
string | Readonly |
| resource_id | Azure VNet resource id Resource Id of Azure VNet. |
string | Readonly |
| resource_type | Must be set to the value AzureVnet | string | |
| storage_account_name | Azure Storage Account Name Azure Storage Account where gateway image will be copied. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_zones | Transport Zones Array of transport zones in the virtual network. |
array of TransportZoneInfo | Readonly |
| vdi_stats | Horizon VDI Statistics Stores statistics of the number of Horizon desktops in different states such as MANAGED, UNMANAGED, ERRORED and POWERED_OFF |
InstanceStats | Readonly |
| vnet_status | Azure Compute VNet Status Stores onboard and offboard states and corresponding error messages and error code related to Azure compute VNet. The status for a transit VNet should be obtained from gateway_info. |
AzureComputeVnetStatus | Readonly |
AzureVnetListRequestParameters (schema)
Azure VNet List Request Parameters
A set of optional filter parameters to list Azure virtual networks.
Multiple parameters can be given as input to 'AND' them.
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Optional identifier for account based on which virtual networks list can be filtered. |
string | |
| associated_transit_vnet_id | Transit VNet ID Identifier for filtering all the compute VNets which are NSX managed by the given transit VNet. |
string | |
| cidr | IPv4 CIDR Block Optional identifier for IPv4 CIDR Block based on which virtual networks list can be filtered. |
CidrBlock | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| op_status | Azure VNet Operational Status Operational status of the virtual network. |
AzureVnetOpStatus | Readonly |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| region_id | Region ID Optional identifier for region based on which virtual networks list can be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| status_filter | Filter by overall VNet status MANAGED - VNet is managed by NSX UNMANAGED - VNet is not managed by NSX ERRORED - VNet is in error state |
string | Readonly Enum: MANAGED, UNMANAGED, ERRORED |
| vnet_id | Virtual Network ID Optional identifier for virtual network based on which virtual networks list can be filtered. It consists of resourceGuid of Azure VNet. |
string |
AzureVnetListResult (schema)
Azure VNet List Result
Stores a list of Azure virtual networks.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of Azure virtual networks. |
array of AzureVnet | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AzureVnetOpStatus (schema)
Operational Status
Operational status of the azure virtual network. After
there are gateways deployed in a VNet, that VNet is called as transit
VNet and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VNet,
their status will be set as NSX_MANAGED_BY_TRANSIT_VNET.
NSX_GATEWAY_ERROR status means gateways are deployed in VNet, but no gateway
is UP and at least one gateway is DOWN, The remaining gateway can be in
NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VNet
when transit VNet is in NSX_GATEWAY_ERROR state.
Status for all the rest of the VNets will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.
| Name | Description | Type | Notes |
|---|---|---|---|
| AzureVnetOpStatus | Operational Status Operational status of the azure virtual network. After there are gateways deployed in a VNet, that VNet is called as transit VNet and it's status will be set as NSX_MANAGED_BY_GATEWAY. For all the compute VNets which are being managed by a transit VNet, their status will be set as NSX_MANAGED_BY_TRANSIT_VNET. NSX_GATEWAY_ERROR status means gateways are deployed in VNet, but no gateway is UP and at least one gateway is DOWN, The remaining gateway can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VNet when transit VNet is in NSX_GATEWAY_ERROR state. Status for all the rest of the VNets will be NSX_UNMANAGED. NSX_MANAGED is deprecated. |
string | Readonly Enum: NSX_MANAGED_BY_GATEWAY, NSX_MANAGED_BY_TRANSIT_VNET, NSX_MANAGED, NSX_UNMANAGED, NSX_GATEWAY_ERROR, NSX_COMPUTE_ERROR |
BFDDiagnosticCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| administratively_down_count | Number of tunnels with administratively message Number of tunnels with administratively down diagnostic message |
integer | |
| concatenated_path_down_count | Number of tunnels with concatenated message Number of tunnels with concatenated path down diagnostic message |
integer | |
| control_detection_time_expired_count | Number of tunnels with expired message Number of tunnels with control detection time expired diagnostic message |
integer | |
| echo_function_failed_count | Number of tunnels with failed message Number of tunnels with echo function failed diagnostic message |
integer | |
| forwarding_plane_reset_count | Number of tunnels with reset message Number of tunnels with forwarding plane reset diagnostic message |
integer | |
| neighbor_signaled_session_down_count | Number of tunnels neighbor signaled session down | integer | |
| no_diagnostic_count | Number of tunnels with no diagnostic | integer | |
| path_down_count | Number of tunnels with path down message Number of tunnels with path down diagnostic message |
integer | |
| reverse_concatenated_path_down_count | Number of tunnels with reverse message Number of tunnels with reverse concatenated path down diagnostic message |
integer |
BFDProperties (schema)
BFD information
| Name | Description | Type | Notes |
|---|---|---|---|
| active | True if tunnel is active in a gateway HA setup | boolean | Readonly |
| diagnostic | Diagnostic message of a problem A short message indicating what the BFD session thinks is wrong in case of a problem |
string | Readonly |
| forwarding | True if the BFD session believes this interface may be used to forward traffic | boolean | Readonly |
| remote_diagnostic | Diagnostic message of a problem A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem |
string | Readonly |
| remote_state | State of the remote interface's BFD session | string | Readonly Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP |
| state | State of the BFD session | string | Readonly Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP |
BFDStatusCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| bfd_admin_down_count | Number of tunnels in BFD admin down state | int | |
| bfd_down_count | Number of tunnels in BFD down state | int | |
| bfd_init_count | Number of tunnels in BFD init state | int | |
| bfd_up_count | Number of tunnels in BFD up state | int |
BGPCommunityList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| communities | BGP community list Array of BGP communities |
array of string | Required |
| community_type | BGP community type BGP community type. It has two types as NormalBGPCommunity BGP normal community which includes well-known community name as well as community value in range from [1-4294967295] or value in aa:nn format(aa/nn range from 1-65535). LargeBGPCommunity BGP large community which includes community value in aa:bb:nn format where aa, bb, nn are unsigned integers in the range [1-4294967295]. |
string | Enum: NormalBGPCommunity, LargeBGPCommunity Default: "NormalBGPCommunity" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| resource_type | Must be set to the value BGPCommunityList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BGPCommunityListListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of bgp communities Paginated list of bgp community lists |
array of BGPCommunityList | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BackupConfiguration (schema)
Configuration for taking manual/automated backup
| Name | Description | Type | Notes |
|---|---|---|---|
| after_inventory_update_interval | A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups. | integer | Minimum: 300 Maximum: 86400 |
| backup_enabled | true if automated backup is enabled | boolean | Default: "False" |
| backup_schedule | Set when backups should be taken - on a weekly schedule or at regular intervals. | BackupSchedule (Abstract type: pass one of the following concrete types) IntervalBackupSchedule WeeklyBackupSchedule |
|
| inventory_summary_interval | The minimum number of seconds between each upload of the inventory summary to backup server. | integer | Minimum: 30 Maximum: 3600 Default: "240" |
| passphrase | Passphrase used to encrypt backup files. Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character). |
string | Pattern: "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z\d\s]).{8,}$" |
| remote_file_server | The server to which backups will be sent. | RemoteFileServer |
BackupFrameRequestParameters (schema)
Backup Frame Request Parameters
Parameters (site_id, etc), that describes a backup/restore frame
| Name | Description | Type | Notes |
|---|---|---|---|
| frame_type | Frame type This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site. |
string | Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE Default: "LOCAL_LOCAL_MANAGER" |
| site_id | Site ID Site ID of LM site, which will be supported in a frame |
string | Default: "localhost" |
BackupOperationHistory (schema)
Past backup operation details
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_backup_statuses | Statuses of previous cluser backups | array of BackupOperationStatus | |
| inventory_backup_statuses | Statuses of previous inventory backups | array of BackupOperationStatus | |
| node_backup_statuses | Statuses of previous node backups | array of BackupOperationStatus |
BackupOperationStatus (schema)
Backup operation status
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_id | Unique identifier of a backup | string | Required |
| end_time | Time when operation was ended | EpochMsTimestamp | |
| error_code | Error code | string | Enum: BACKUP_NOT_RUN_ON_MASTER, BACKUP_SERVER_UNREACHABLE, BACKUP_AUTHENTICATION_FAILURE, BACKUP_PERMISSION_ERROR, BACKUP_TIMEOUT, BACKUP_BAD_FINGERPRINT, BACKUP_GENERIC_ERROR, UPGRADE_IN_PROGRESS |
| error_message | Error code details | string | |
| start_time | Time when operation was started | EpochMsTimestamp | |
| success | True if backup is successfully completed, else false | boolean | Required |
BackupOverview (schema)
Backup overview
Data for a single backup/restore card
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| backup_config | Backup configuration Configuration to generate a manual/automated backup |
BackupConfiguration | Required |
| backup_operation_history | Last backup status Status of the last backup execution per component |
BackupOperationHistory | Required |
| current_backup_operation_status | Current backup status Backup status decribes type, phase, success/failure and time of a | latest backup execution |
CurrentBackupOperationStatus | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| restore_status | Current restore status Status of restore process executing/executed on appliance |
ClusterRestoreStatus | Required |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of timestamps of backed-up cluster files | array of ClusterBackupInfo | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BackupOverviewRequestParameters (schema)
Backup overview request parameters
Parameters, that REST API client needs to provide, in order to get data for
a backup/restore card with or without a list of generated backups.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| frame_type | Frame type This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site. |
string | Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE Default: "LOCAL_LOCAL_MANAGER" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| show_backups_list | Need a list of backups True to request a list of backups |
boolean | Default: "True" |
| site_id | UUID of the site UUID of LM site, which will be supported in a frame |
string | Default: "localhost" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BackupSchedule (schema)
Abstract base type for Weekly or Interval Backup Schedule
This is an abstract type. Concrete child types:
IntervalBackupSchedule
WeeklyBackupSchedule
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Schedule type | string | Required Enum: WeeklyBackupSchedule, IntervalBackupSchedule |
BackupUiFramesInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_gm | Does site have active GM | string | Readonly Enum: ACTIVE, STANDBY, NONE, INVALID |
| api_endpoint | prefix to be used for api call | string | Required Readonly Enum: global-manager, nsxapi, ica |
| frame_type | Type of service, for which backup is handled | string | Required Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE |
| site_id | Id of the site | string | Required Readonly |
| site_version | Version of the site | string | Required Readonly |
BackupUiFramesInfoList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_frames_list | List of backup frames(and metadata) to be displayed in UI | array of BackupUiFramesInfo | Required Readonly |
BaseConsolidatedStatusPerEnforcementPoint (schema)
Base class for ConsolidatedStatusPerEnforcementPoint
Consolidated Realized Status Per Enforcement Point.
This is an abstract type. Concrete child types:
ConsolidatedStatusNsxT
ConsolidatedStatusPerEnforcementPoint
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | string | Required | |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
BaseEdgeStatisticsRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_path | Policy path of edge node Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface. |
string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| host_transport_node_path | Policy path of host transport node Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BaseEndpoint (schema)
An endpoint to be used in redirection rule
Represents an endpoint which will be used as subject in rule.
It is a polymorphic type object which can be either of the types -
1. Virtual
2. Logical
We have 2 separate objects representing these 2 types.
VirtualEndPoint for Virtual type and ServiceInstanceEndpoint
for Logical.
This is an abstract type. Concrete child types:
ServiceInstanceEndpoint
VirtualEndpoint
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BaseEndpoint | string | Required Enum: VirtualEndpoint, ServiceInstanceEndpoint |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_ips | IP addresses to redirect the traffic to IPs where either inbound or outbound traffic is to be redirected. |
array of IPInfo | Required Minimum items: 1 Maximum items: 1 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseFirewallProfile (schema)
This is an abstract type. Concrete child types:
FirewallCpuMemThresholdsProfile
FirewallDnsProfile
FirewallFloodProtectionProfile
FirewallSessionTimerProfile
GeneralSecuritySettingsProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BaseFirewallProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseHostSwitchProfile (schema) (Deprecated)
This is an abstract type. Concrete child types:
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| required_capabilities | array of string | Readonly | |
| resource_type | Must be set to the value BaseHostSwitchProfile | HostSwitchProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseListRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BaseNodeAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 |
| id | Unique identifier of this resource | string | Readonly |
| node_interface_properties | Array of Node interface statistic properties | array of NodeInterfaceProperties | Readonly |
| node_interface_statistics | Array of Node network interface statistic properties | array of NodeInterfaceStatisticsProperties | Readonly |
| node_status | ClusterNodeStatus | Readonly | |
| node_status_properties | Time series of the node's system properties | array of NodeStatusProperties |
BasePktCapResource (schema)
This is an abstract type. Concrete child types:
PktCapResource
PolicyPktCapResource
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Type of packet capture resource | string | Required |
BasePolicyServiceInstance (schema)
Represents an instance of partner Service and its configuration
Represents an instance of partner Service and its configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| deployment_mode | Deployment Mode Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode. |
string | Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| partner_service_name | Name of Partner Service Unique name of Partner Service in the Marketplace |
string | Required |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BasePolicyServiceInstance | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used while deploying Service-VM. |
string | Enum: L2_BRIDGE, L3_ROUTED Default: "L2_BRIDGE" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseRule (schema)
A rule represent base properties for ,dfw, forwarding, redirection rule
A rule indicates the action to be performed for various types of traffic flowing between workload groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_groups | Destination group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| destinations_excluded | Negation of destination groups If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups |
boolean | Default: "False" |
| direction | Direction Define direction of traffic. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Flag to disable the rule Flag to disable the rule. Default is enabled. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_protocol | IPv4 vs IPv6 packet type Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null. |
string | Enum: IPV4, IPV6, IPV4_IPV6 |
| is_default | Default rule flag A flag to indicate whether rule is a default rule. |
boolean | Readonly |
| logged | Enable logging flag Flag to enable packet logging. Default is disabled. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| notes | Text for additional notes on changes Text for additional notes on changes. |
string | Maximum length: 2048 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profiles | Layer 7 service profiles or TLS action profile Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed. |
array of string | Maximum items: 128 |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BaseRule | string | |
| rule_id | Unique rule ID This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on. |
integer | Readonly |
| scope | The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number of the this Rule This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number |
int | Minimum: 0 |
| service_entries | Raw services In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null. |
array of ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Maximum items: 128 |
| services | Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| source_groups | Source group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| sources_excluded | Negation of source groups If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups |
boolean | Default: "False" |
| tag | Tag applied on the rule User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseRuleListResult (schema)
Paged Collection of Rules
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BaseServiceInstance (schema)
Base Instance of a service
The deployment of a registered service. service instance is instantiation of service.
This is an abstract type. Concrete child types:
ByodServiceInstance
ServiceInstance
VirtualServiceInstance
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| on_failure_policy | On Failure Policy Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to. |
string | Enum: ALLOW, BLOCK |
| resource_type | Must be set to the value BaseServiceInstance | ServiceInstanceResourceType | Required |
| service_id | Service Id The Service to which the service instance is associated. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS. |
string | Required Enum: L2_BRIDGE, L3_ROUTED, NSH, NA |
BaseServiceProfile (schema)
Base Service Profile
Base Service Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BaseServiceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseSwitchingProfile (schema) (Deprecated)
This is an abstract type. Concrete child types:
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
QosSwitchingProfile
SpoofGuardSwitchingProfile
SwitchSecuritySwitchingProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| required_capabilities | array of string | Readonly | |
| resource_type | Must be set to the value BaseSwitchingProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseTier0Interface (schema)
Tier-0 interface configuration
Tier-0 interface configuration for external connectivity.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| dhcp_relay_path | policy path of referenced dhcp-relay-config Policy path of dhcp-relay-config to be attached to this Interface. |
string | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BaseTier0Interface | string | |
| subnets | IP address and subnet specification for interface Specify IP address and network prefix for interface. |
array of InterfaceSubnet | Required Minimum items: 1 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BasicAuthenticationScheme (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| password | Password to authenticate with | string | Required |
| scheme_name | Authentication scheme name | string | Required Enum: basic |
| username | User name to authenticate with | string | Required Pattern: "^.+$" |
BatchParameter (schema)
Options that affect how batch operations are processed
| Name | Description | Type | Notes |
|---|---|---|---|
| atomic | Ignored (transactional atomicity flag) This flag is ignored. Transactional atomicity is no longer supported. |
boolean | Default: "False" |
BatchRequest (schema)
A set of operations to be performed in a single batch
| Name | Description | Type | Notes |
|---|---|---|---|
| continue_on_error | Continue even if an error is encountered. | boolean | Default: "True" |
| requests | array of BatchRequestItem |
BatchRequestItem (schema)
A single request within a batch of operations
| Name | Description | Type | Notes |
|---|---|---|---|
| body | object | ||
| method | method type(POST/PUT/DELETE/UPDATE) http method type |
string | Required Enum: GET, POST, PUT, DELETE, PATCH |
| uri | Internal uri of the call relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters |
string | Required |
BatchResponse (schema)
The reponse to a batch operation
| Name | Description | Type | Notes |
|---|---|---|---|
| has_errors | errors indicator Indicates if any of the APIs failed |
boolean | |
| results | Bulk list results | array of BatchResponseItem | Required |
| rolled_back | indicates if all items were rolled back. Optional flag indicating that all items were rolled back even if succeeded initially |
boolean |
BatchResponseItem (schema)
A single respose in a list of batched responses
| Name | Description | Type | Notes |
|---|---|---|---|
| body | object returned by api object returned by api |
object | |
| code | object returned by api http status code |
integer | Required |
| headers | object returned by api The headers returned by the API call |
object |
BfdConfig (schema)
BFD configuration for LogicalRouter
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| declare_dead_multiple | Number of times a packet is missed before BFD declares the neighbor down. | integer | Minimum: 2 Maximum: 16 Default: "3" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Flag to enable BFD for this LogicalRouter | boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| receive_interval | Receive interval for heartbeats the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
| resource_type | Must be set to the value BfdConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transmit_interval | Transmit interval for heartbeats the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
BfdConfigParameters (schema)
BFD configuration for the given Peer.
| Name | Description | Type | Notes |
|---|---|---|---|
| declare_dead_multiple | Number of times a packet is missed before BFD declares the neighbor down. | integer | Minimum: 2 Maximum: 16 Default: "3" |
| receive_interval | Receive interval for heartbeats The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 50ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 500ms. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
| transmit_interval | Transmit interval for heartbeats The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
BfdHealthMonitoringConfig (schema)
Bfd Health Monitoring Options
Bfd Health Monitoring Options used specific to BFD Transport Zone profiles
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Whether the heartbeat is enabled. A PATCH or PUT request with "enabled" false (with no probe intervals) will set or reset the probe_interval to their default value. | boolean | Required |
| latency_enabled | Whether the latency is enabled. The flag is to turn on/off latency. A PATCH or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI. |
boolean | |
| probe_interval | The time interval (in millisec) between probe packets for tunnels between transport nodes. | integer | Minimum: 300 Default: "1000" |
BfdHealthMonitoringProfile (schema) (Deprecated)
Profile for BFD health monitoring
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Whether the heartbeat is enabled. A POST or PUT request with "enabled" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value. | boolean | Required |
| id | Unique identifier of this resource | string | Sortable |
| latency_enabled | Whether the latency is enabled. The flag is to turn on/off latency. A POST or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI. |
boolean | |
| probe_interval | The time interval (in millisec) between probe packets for tunnels between transport nodes. | integer | Minimum: 300 Default: "1000" |
| resource_type | Must be set to the value BfdHealthMonitoringProfile | string | Required Enum: BfdHealthMonitoringProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BfdProfile (schema)
Bidirectional Forwarding Detection configuration for BGP peers
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| interval | Time interval between heartbeat packets in milliseconds Time interval between heartbeat packets in milliseconds. |
int | Minimum: 50 Maximum: 60000 Default: "500" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| multiple | Declare dead multiple Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. |
int | Minimum: 2 Maximum: 16 Default: "3" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BfdProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BfdProfileListResult (schema)
Paged Collection of BfdProfile
Paged Collection of BfdProfile.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Bfd Profile List Results Bfd Profile list results. |
array of BfdProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpAddressFamily (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| in_prefix_count | Count of in prefixes Count of in prefixes |
integer | Readonly |
| out_prefix_count | Count of out prefixes Count of out prefixes |
integer | Readonly |
| type | BGP address family type BGP address family type |
string | Required Readonly Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST, L2VPN_EVPN |
BgpBfdConfig (schema)
BFD configuration for BGP peers
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Flag to enable BFD cofiguration Flag to enable BFD cofiguration. |
boolean | Default: "False" |
| interval | Time interval between heartbeat packets in milliseconds Time interval between heartbeat packets in milliseconds. |
int | Minimum: 50 Maximum: 60000 Default: "500" |
| multiple | Declare dead multiple Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. |
int | Minimum: 2 Maximum: 16 Default: "3" |
BgpConfig (schema)
BGP configuration for logical router
BGP configuration for Tier0 logical router. We create BGP configuration
while creation of Tier0 logical router.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| as_num | 4 Byte ASN in ASPLAIN/ASDOT Format For VRF logical router, the as_num from parent logical router will be effective. |
string | |
| as_number | Autonomous System Number This is a deprecated property, Please use 'as_num' instead. For VRF logical router, the as_number from parent logical router will be effective. |
integer | Deprecated Minimum: 1 Maximum: 4294967296 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ecmp | Flag to enable outbound ECMP While creation of BGP config this flag will be set to true User can change this value while updating BGP config. If this property is not specified in the payload, the default value will be considered as true. |
boolean | Default: "True" |
| enabled | Flag to enable this configuration While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating the config. If this property is not specified in the payload, the default value will be considered as false irrespective of the high-availability mode. |
boolean | Default: "False" |
| graceful_restart | Flag to enable graceful restart Flag to enable graceful restart. This field is deprecated, kindly use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other [i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. For VRF logical router, the settings from parent logical router will be effective. |
boolean | Deprecated |
| graceful_restart_config | BGP Graceful Restart configuration Configuration parameters for BGP Graceful Restart functionality. It has graceful_restart_mode and graceful_restart_timer parameters. For VRF logical router, the settings from parent logical router will be effective. |
GracefulRestartConfig | |
| id | Unique identifier of this resource | string | Sortable |
| inter_sr_ibgp | Inter SR IBGP configuration | InterSRRoutingConfig | |
| logical_router_id | Logical router id | string | Readonly |
| multipath_relax | Flag to enable BGP multipath relax option. For TIER0 logical router, default is true. For VRF logical router, the settings from parent logical router will be effective. |
boolean | |
| resource_type | Must be set to the value BgpConfig | string | |
| route_aggregation | List of routes to be aggregated | array of BgpRouteAggregation | Minimum items: 0 Maximum items: 1000 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BgpGracefulRestartConfig (schema)
BGP Graceful Restart Configuration
Configuration field to hold BGP restart mode and timer.
| Name | Description | Type | Notes |
|---|---|---|---|
| mode | BGP Graceful Restart Configuration Mode If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. |
string | Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY Default: "HELPER_ONLY" |
| timer | BGP Graceful Restart Timer Configuration field to hold BGP restart timers. |
BgpGracefulRestartTimer |
BgpGracefulRestartTimer (schema)
BGP Graceful Restart Timers
Configuration field to hold BGP restart timers
| Name | Description | Type | Notes |
|---|---|---|---|
| restart_timer | BGP Graceful Restart Timer Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer. |
integer | Minimum: 1 Maximum: 3600 Default: "180" |
| stale_route_timer | BGP Stale Route Timer Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts. |
integer | Minimum: 1 Maximum: 3600 Default: "600" |
BgpNeighbor (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| address_families | AddressFamily settings for the neighbor User can enable the neighbor for the specific address families and also define filters per address family. When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons. User can change that if required, by defining the address family configuration. |
array of BgpNeighborAddressFamily | |
| allow_as_in | Flag to enable allowas_in option for BGP neighbor | boolean | Default: "False" |
| bfd_config | BFD Configuration Parameters for the given peer. By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer) |
BfdConfigParameters | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_bfd | Enable BFD for this BGP Neighbor Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence. |
boolean | Default: "False" |
| enabled | Flag to enable this BGP Neighbor | boolean | Default: "True" |
| filter_in_ipprefixlist_id | IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_in_routemap_id | RouteMap to be used for IN direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_out_ipprefixlist_id | IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_out_routemap_id | RouteMap to be used for OUT direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| graceful_restart_mode | Graceful Restart Mode BGP Graceful Restart mode. If specified, then it will take precedence over global Graceful Restart mode configured in logical router BgpConfig otherwise BgpConfig level Graceful Restart mode will be applicable for peer. |
GracefulRestartMode | |
| hold_down_timer | Wait period (seconds) before declaring peer dead | integer | Minimum: 1 Maximum: 65535 Default: "180" |
| id | Unique identifier of this resource | string | Sortable |
| keep_alive_timer | Frequency (seconds) with which keep alive messages are sent to peers | integer | Minimum: 1 Maximum: 65535 Default: "60" |
| logical_router_id | Logical router id | string | Readonly |
| maximum_hop_limit | Maximum Number of hops allowed to reach BGP neighbor This value is set on TTL(time to live) of BGP header. When router receives the BGP packet, it decrements the TTL. The default value of TTL is one when BPG request is initiated.So in the case of a BGP peer multiple hops away and and value of TTL is one, then next router in the path will decrement the TTL to 0, realize it cant forward the packet and will drop it. If the hop count value to reach neighbor is equal to or less than the maximum_hop_limit value then intermediate router decrements the TTL count by one and forwards the request to BGP neighour. If the hop count value is greater than the maximum_hop_limit value then intermediate router discards the request when TTL becomes 0. |
int | Minimum: 1 Maximum: 255 Default: "1" |
| neighbor_address | Neighbor IP Address | IPAddress | Required |
| password | Password User can create (POST) the neighbor with or without the password. The view (GET) on the neighbor, would never reveal if the password is set or not. The password can be set later using edit neighbor workFlow (PUT) On the edit neighbor (PUT), if the user does not specify the password property, the older value is retained. Maximum length of this field is 32 characters. |
string | Minimum length: 1 Maximum length: 32 |
| remote_as | Autonomous System Number of the neighbor This is a deprecated property, Please use 'remote_as_num' instead. |
integer | Deprecated Minimum: 1 Maximum: 4294967296 |
| remote_as_num | 4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format | string | |
| resource_type | Must be set to the value BgpNeighbor | string | |
| source_address | Logical Router Uplink IP Address Deprecated - do not provide a value for this field. Use source_addresses instead. |
IPAddress | Deprecated |
| source_addresses | Array of Logical Router Uplink IP Addresses BGP neighborship will be formed from all these source addresses to this neighbour. |
array of IPAddress | Maximum items: 8 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BgpNeighborAddressFamily (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Enable this address family | boolean | Default: "True" |
| in_filter_ipprefixlist_id | Id of the IPPrefix List to be used for IN direction filter | string | |
| in_filter_routemap_id | Id of the RouteMap to be used for IN direction filter | string | |
| maximum_routes | Maximum number of routes supported on the address family | integer | Minimum: 0 |
| out_filter_ipprefixlist_id | Id of the IPPrefixList to be used for OUT direction filter | string | |
| out_filter_routemap_id | Id of the RouteMap to be used for OUT direction filter | string | |
| type | Address family type | AddressFamilyType | Required |
BgpNeighborConfig (schema)
BGP neighbor config
Contains information necessary to configure a BGP neighbor.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allow_as_in | Flag to enable allowas_in option for BGP neighbor | boolean | Default: "False" |
| bfd | BFD configuration for failure detection BFD configuration for failure detection. BFD is enabled with default values when not configured. |
BgpBfdConfig | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| graceful_restart_mode | BGP Graceful Restart Configuration Mode If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. |
string | Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY |
| hold_down_time | Wait time in seconds before declaring peer dead Wait time in seconds before declaring peer dead. |
int | Minimum: 1 Maximum: 65535 Default: "180" |
| id | Unique identifier of this resource | string | Sortable |
| in_route_filters | Prefix-list or route map path for IN direction Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. |
array of string | Deprecated Maximum items: 1 |
| keep_alive_time | Interval between keep alive messages sent to peer Interval (in seconds) between keep alive messages sent to peer. |
int | Minimum: 1 Maximum: 65535 Default: "60" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| maximum_hop_limit | Maximum number of hops allowed to reach BGP neighbor Maximum number of hops allowed to reach BGP neighbor. |
int | Minimum: 1 Maximum: 255 Default: "1" |
| neighbor_address | Neighbor IP Address | IPAddress | Required |
| out_route_filters | Prefix-list or route map path for OUT direction Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. |
array of string | Deprecated Maximum items: 1 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| password | Password Specify password for BGP neighbor authentication. Empty string ("") clears existing password. |
string | Minimum length: 0 Maximum length: 32 |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_as_num | 4 Byte ASN of the neighbor in ASPLAIN Format | string | Required |
| resource_type | Must be set to the value BgpNeighborConfig | string | |
| route_filtering | Enable address families and route filtering in each direction Enable address families and route filtering in each direction. |
array of BgpRouteFiltering | Maximum items: 2 |
| source_addresses | Source IP Addresses for BGP peering Source addresses should belong to Tier0 external or loopback or VTI interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1. |
array of IPAddress | Maximum items: 8 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BgpNeighborConfigListRequestParameters (schema)
Routing Config list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BgpNeighborConfigListResult (schema)
Paged collection of BGP Neighbor Configs
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BGP neighbor configs list results | array of BgpNeighborConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of bgp neighbors | array of BgpNeighbor | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborRouteDetails (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| logical_router_id | Logical router id | string | Required Readonly |
| neighbor_address | Neighbor IP address BGP neighbor peer IP address. |
IPAddress | Required Readonly |
| neighbor_id | BGP neighbor id | string | Required Readonly |
| per_transport_node_routes | Route details per transport node Array of BGP neighbor route details per transport node. |
array of RoutesPerTransportNode | Readonly |
BgpNeighborRouteDetailsCsvRecord (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| as_path | AS path BGP AS path attribute. |
string | Readonly |
| local_pref | Local preference BGP Local Preference attribute. |
integer | Readonly |
| logical_router_id | Logical router id Logical router id |
string | Required Readonly |
| med | Multi Exit Discriminator BGP Multi Exit Discriminator attribute. |
integer | Readonly |
| neighbor_address | Neighbor IP address BGP neighbor peer IP address. |
IPAddress | Required Readonly |
| neighbor_id | BGP neighbor id BGP neighbor id |
string | Required Readonly |
| network | CIDR network address CIDR network address. |
IPCIDRBlock | Required Readonly |
| next_hop | Next hop IP address Next hop IP address. |
IPAddress | Readonly |
| source_address | BGP neighbor source address BGP neighbor source address. |
IPAddress | Readonly |
| transport_node_id | Transport node id Transport node id |
string | Required Readonly |
| weight | Weight BGP Weight attribute. |
integer | Readonly |
BgpNeighborRouteDetailsInCsvFormat (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| file_name | File name File name set by HTTP server if API returns CSV result as a file. |
string | |
| results | array of BgpNeighborRouteDetailsCsvRecord |
BgpNeighborRoutes (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| edge_node_routes | Route details per transport node Array of BGP neighbor route details per edge node. |
array of RoutesPerTransportNode | Readonly |
| egde_node_routes | Route details per transport node Array of BGP neighbor route details per edge node. |
array of RoutesPerTransportNode | Deprecated Readonly |
| enforcement_point_path | Enforcement point policy path | string | Required Readonly |
| neighbor_path | BGP neighbor policy path | string | Required Readonly |
BgpNeighborRoutesListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of Bgp neighbor routes Paged Collection of Bgp neighbor routes. |
array of BgpNeighborRoutes | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| address_families | Address families of BGP neighbor Address families of BGP neighbor |
array of BgpAddressFamily | Readonly |
| announced_capabilities | BGP capabilities sent to BGP neighbor. | array of string | Readonly |
| connection_drop_count | Count of connection drop | integer | Readonly |
| connection_state | Current state of the BGP session. | string | Readonly Enum: INVALID, IDLE, CONNECT, ACTIVE, OPEN_SENT, OPEN_CONFIRM, ESTABLISHED, UNKNOWN |
| established_connection_count | Count of connections established | integer | Readonly |
| graceful_restart | Graceful restart flag Current state of graceful restart where graceful_restart = true indicates graceful restart is enabled and graceful_restart = false indicates graceful restart is disabled. This is deprecated field, use graceful_restart_mode instead. |
boolean | Deprecated Readonly |
| graceful_restart_mode | Graceful restart mode Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled |
string | Readonly |
| hold_time | Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down. | integer | Readonly |
| keep_alive_interval | Time in ms to wait for HELLO packet from BGP peer | integer | Readonly |
| local_port | TCP port number of Local BGP connection | integer | Readonly Minimum: 1 Maximum: 65535 |
| lr_component_id | Logical router component(Service Router/Distributed Router) id | string | Required Readonly |
| messages_received | Count of messages received from the neighbor | integer | Readonly |
| messages_sent | Count of messages sent to the neighbor | integer | Readonly |
| negotiated_capability | BGP capabilities negotiated with BGP neighbor. | array of string | Readonly |
| neighbor_address | The IP of the BGP neighbor | IPAddress | Readonly |
| neighbor_router_id | Router ID of the BGP neighbor. | IPAddress | Readonly |
| remote_as_number | AS number of the BGP neighbor | string | Readonly |
| remote_port | TCP port number of remote BGP Connection | integer | Readonly Minimum: 1 Maximum: 65535 |
| remote_site | Remote site Remote site details. |
ResourceReference | Readonly |
| source_address | The Ip address of logical port | IPAddress | Readonly |
| time_since_established | Time(in seconds) since connection was established. | integer | Readonly |
| total_in_prefix_count | Count of in prefixes Sum of in prefixes counts across all address families. |
integer | Readonly |
| total_out_prefix_count | Count of out prefixes Sum of out prefixes counts across all address families. |
integer | Readonly |
| transport_node | Transport node id and name | ResourceReference | Readonly |
| type | BGP neighbor type BGP neighbor type |
string | Readonly Enum: INTER_SR, USER |
BgpNeighborStatusLiteDto (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| connection_state | BGP session state Current state of the BGP session. |
string | Readonly Enum: INVALID, IDLE, CONNECT, ACTIVE, OPEN_SENT, OPEN_CONFIRM, ESTABLISHED, UNKNOWN |
| neighbor_address | Neighor address Ip address of BGP neighbor. |
IPAddress | Readonly |
| remote_site | Remote site Remote site details. |
ResourceReference | Readonly |
| source_address | Source address Source Ip address. |
IPAddress | Readonly |
BgpNeighborsStatusListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| last_update_timestamp | Timestamp indicating last update time of data Timestamp when the data was last updated, unset if data source has never updated the data. |
EpochMsTimestamp | Readonly |
| logical_router_id | Logical router id | string | Required Readonly |
| logical_router_name | Name of the logical router | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Status of BGP neighbors of the logical router | array of BgpNeighborStatus | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpRouteAggregation (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| prefix | cidr of the aggregate address | IPCIDRBlock | Required |
| summary_only | Flag to send only summarized route | boolean | Default: "True" |
BgpRouteFiltering (schema)
Enable address_families and route filtering in each direction
| Name | Description | Type | Notes |
|---|---|---|---|
| address_family | Address family type Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration. |
string | Enum: IPV4, IPV6, L2VPN_EVPN |
| enabled | Enable address family Flag to enable address family. |
boolean | Default: "True" |
| in_route_filters | Prefix-list or route map path for IN direction Specify path of prefix-list or route map to filter routes for IN direction. |
array of string | Maximum items: 1 |
| maximum_routes | Maximum number of routes for the address family Maximum number of routes for the address family. |
int | Minimum: 1 Maximum: 1000000 |
| out_route_filters | Prefix-list or route map path for OUT direction Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. |
array of string | Maximum items: 1 |
BgpRoutesRequestParameters (schema)
BGP Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| count | Number of routes to retrieve Number of routes to return in response. Not used when routes are requested in CSV format. |
int | Minimum: 1 Default: "1000" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BgpRoutingConfig (schema)
BGP routing config
Contains BGP routing configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildBgpNeighborConfig |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ecmp | Flag to enable ECMP Flag to enable ECMP. |
boolean | |
| enabled | Flag to enable BGP configuration Flag to enable BGP configuration. Disabling will stop feature and BGP peering. |
boolean | |
| graceful_restart | Flag to enable graceful restart Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. |
boolean | Deprecated |
| graceful_restart_config | BGP Graceful Restart Configuration Configuration field to hold BGP Restart mode and timer. |
BgpGracefulRestartConfig | |
| id | Unique identifier of this resource | string | Sortable |
| inter_sr_ibgp | Enable inter SR IBGP configuration Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode. |
boolean | |
| local_as_num | BGP AS number in ASPLAIN/ASDOT Format Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., "65546") or ASDOT (e.g., "1.10") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0. |
string | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| multipath_relax | Flag to enable BGP multipath relax option Flag to enable BGP multipath relax option. |
boolean | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value BgpRoutingConfig | string | |
| route_aggregations | List of routes to be aggregated List of routes to be aggregated. |
array of RouteAggregationEntry | Maximum items: 1000 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BinaryPacketData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| frame_size | Requested total size of the (logical) packet in bytes If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size. |
integer | Minimum: 60 Maximum: 1000 Default: "128" |
| payload | RFC3548 compatible base64 encoded full payload Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers. |
string | Maximum length: 1336 |
| resource_type | Must be set to the value BinaryPacketData | string | Required Enum: BinaryPacketData, FieldsPacketData Default: "FieldsPacketData" |
| routed | A flag, when set true, indicates that the traceflow packet is of L3 routing. | boolean | |
| transport_type | transport type of the traceflow packet This type takes effect only for IP packet. |
string | Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN Default: "UNICAST" |
BingdingMapStackStatusListRequestParameters (schema)
Request parameters for binding map mirror stack status
Request parameters for port/group/segment binding map mirror stack status.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Binding map path enforcemnt point path to remote L3 mirror session String path for the enforcement point. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BlackholeAction (schema)
Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.
| Name | Description | Type | Notes |
|---|---|---|---|
| BlackholeAction | Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded. | string | Enum: DISCARD |
BpduFilter (schema) (Deprecated)
BPDU filter configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Indicates whether BPDU filter is enabled | boolean | Required |
| white_list | Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering | array of string | Minimum items: 0 Maximum items: 32 |
BridgeEndpoint (schema)
Bridge Endpoint
A bridge endpoint can be created on a bridge cluster or on an edge
cluster. Few of the properties of this class will not be used depending on
the type of bridge endpoint being created. When creating a bridge endpoint
on a bridge cluster, following propeties will be used: vlan,
bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint
on an edge cluster following properties will be used: vlan,
bridge_endpoint_profile_id and vlan_transport_zone_id.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bridge_cluster_id | UUID of the bridge cluster for this bridge endpoint This field will not be used if an edge cluster is being used for the bridge endpoint |
string | Maximum length: 36 |
| bridge_endpoint_profile_id | Bridge endpoint profile used by the edge cluster This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ha_enable | Controls the enabling of HA on the VLAN for this endpoint This field will not be used if an edge cluster is being used for the bridge endpoint |
boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeEndpoint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| uplink_teaming_policy_name | The name of the switching uplink teaming policy for the bridge endpoint This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| vlan | This property is used for VLAN specification of bridge endpoint.
It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec' should be specified. |
VlanID | |
| vlan_transport_zone_id | VLAN transport zone id by the edge cluster This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| vlan_trunk_spec | VLAN trunk spec of edge bridge endpoint This property is used for VLAN trunk specification of edge bridge endpoint. It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec' should be specified. |
VlanTrunkSpec |
BridgeEndpointListResult (schema)
Bridge Endpoint queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BridgeEndpoint Results | array of BridgeEndpoint | Required Readonly Minimum items: 0 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BridgeEndpointProfile (schema)
Bridge Endpoint Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| edge_cluster_id | UUID of the edge cluster for this bridge endpoint | string | Required Maximum length: 36 |
| edge_cluster_member_indexes | Indexes of the member hosts of the edge bridge cluster First index will be used as the preferred member |
array of int | |
| failover_mode | Failover mode for the edge bridge cluster Faileover mode can be preemmptive or non-preemptive |
string | Enum: PREEMPTIVE, NON_PREEMPTIVE Default: "PREEMPTIVE" |
| high_availability_mode | High availability mode for the edge bridge cluster High avaialability mode can be active-active or active-standby |
string | Enum: ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeEndpointProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BridgeEndpointProfileListResult (schema)
Bridge Endpoint Profile queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BridgeEndpointProfile Results | array of BridgeEndpointProfile | Required Readonly Minimum items: 0 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BridgeEndpointProfileRequestParameters (schema)
Bridge Endpoint Profile request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_cluster_id | Edge Cluster Identifier | string | |
| failover_mode | string | ||
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BridgeEndpointRequestParameters (schema)
Bridge Endpoint request parameters
When querying for bridge endpoints on a bridge cluster, following
parameters can be used: bridge_cluster_id and logical_switch_id. When
querying for bridge endpoints on an edge cluster, following parameters
can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and
logical_switch_id. When multiple parameters are provided they will be
anded together. if bridge_cluster_id is used along with
bridge_endpoint_profile_id or vlan_transport_zone_id an error will be
thrown.
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_cluster_id | Bridge Cluster Identifier If provided, only bridge endpoints associated with the given bridge cluster will be returned. |
string | |
| bridge_endpoint_profile_id | Bridge endpoint profile used by the edge cluster If provided, only bridge endpoints associated with the given bridge endpoint profile will be returned. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| logical_switch_id | Logical Switch Identifier If provided, only bridge endpoints associated with the given logical switch will be returned. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vlan_transport_zone_id | VLAN transport zone id used by the edge cluster If provided, only bridge endpoints associated with the given transport zone will be returned. |
string |
BridgeEndpointStatistics (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| endpoint_id | The id of the bridge endpoint | string | Required Readonly |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
BridgeEndpointStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_nodes | The Ids of the transport nodes which actively serve the endpoint. | array of string | Readonly |
| endpoint_id | The id of the bridge endpoint | string | Required Readonly |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
BridgeHighAvailabilityClusterProfile (schema) (Deprecated)
Profile for BFD HA cluster setting
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bfd_probe_interval | the time interval (in millisec) between probe packets for heartbeat purpose | integer | Minimum: 300 Maximum: 60000 Default: "1000" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable | whether the heartbeat is enabled | boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeHighAvailabilityClusterProfile | ClusterProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BridgeProfileConfig (schema)
Bridge Profile Configuration
configuration parameters for Bridge Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Policy path to L2 Bridge profile Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique. |
string | Required |
| uplink_teaming_policy_name | Uplink Teaming Policy Name The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one fot he switching uplink teaming policy names listed in teh transport zone. When this property is not specified, the teaming policy is assigned by MP. |
string | |
| vlan_ids | VLAN IDs VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both. |
array of string | |
| vlan_transport_zone_path | Policy path to VLAN Transport Zone VLAN transport zone should belong to the enforcment-point as the transport zone specified in the segment. |
string | Required |
BridgeProfileRequestParameters (schema)
Bridge profile request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Bridge profile path Policy path of Bridge profile using which a bridge end point was created. |
string | Required |
| enforcement_point_path | String Path of the enforcement point Enforcement point path. |
string |
BrokerProperties (schema)
Information about a management plane node this transport node is configured to communicate with
| Name | Description | Type | Notes |
|---|---|---|---|
| BrokerFqdn | Fully qualified domain name of the message bus broker on the management plane node. | string | |
| BrokerIpAddress | IP address or hostname of the message bus broker on the management plane node. | HostnameOrIPv4Address | Required |
| BrokerIsMaster | Indicates whether this broker is the master. | string | |
| BrokerPort | Port number of the message bus broker on the management plane node. | string | |
| BrokerSslCertThumbprint | Certificate thumbprint of the message bus broker on the management plane node. | string | Required |
| BrokerVirtualHost | Type of host running the broker. | string |
BundleId (schema)
Id of bundle
Identifier of the bundle.
| Name | Description | Type | Notes |
|---|---|---|---|
| bundle_id | Bundle Id Identifier of bundle upload |
string | Readonly |
BundleIds (schema)
List of bundle-ids
Contains a list of bundle-ids.
| Name | Description | Type | Notes |
|---|---|---|---|
| failed | Failed bundle-Id Id of a bundle whose upload was failed. |
string | Readonly |
| in_progress | In-progress bundle-Id Id of a bundle whose upload is in-progress. |
string | Readonly |
| successful | Sucessful bundle-Id Id of a bundle whose upload is successful. |
string | Readonly |
BundleUploadParameters (schema)
Parameters for bundle upload
Parameters specified during bundle upload operations.
| Name | Description | Type | Notes |
|---|---|---|---|
| file_type | Type of file Type of file which will be uploaded. |
string | Required Enum: OVA |
| product | Name of the appliance Name of the appliance for which upload is performed. |
string | Required Enum: SAMPLE, ALB_CONTROLLER, INTELLIGENCE |
BundleUploadPermission (schema)
Permissions for bundle upload
Describes whether bundle upload is allowed or not.
| Name | Description | Type | Notes |
|---|---|---|---|
| reason | Reason for not allowing upload. | string | Readonly |
| upload_allowed | Bundle upload allowed flag Flag indication whether upload is allowed or not. |
boolean | Required Readonly |
BundleUploadStatus (schema)
Upload status of bundle
Upload status of bundle uploaded from local or remote location.
| Name | Description | Type | Notes |
|---|---|---|---|
| bundle_name | Name of the bundle Name of the uploaded bundle. |
string | Readonly |
| detailed_status | Detailed status of bundle upload Detailed status of bundle upload. |
string | Readonly |
| percent | Percent of upload completed Percent of bundle uploaded from remote location. |
number | Readonly |
| status | Status of bundle upload Current status of bundle upload. |
string | Readonly Enum: UPLOADING, VERIFYING, SUCCESS, FAILED |
| url | URL from which the bundle was uploaded URL for uploading bundle. |
string | Readonly |
ByodPolicyServiceInstance (schema)
Represents instance of self wiring partner's service
Represents an instance of partner's service whose wiring will be done by partner itself.
As partner does all the wiring, we call it as Byod - Bring your own device.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildServiceInstanceEndpoint |
|
| deployment_mode | Deployment Mode Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode. |
string | Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| partner_service_name | Name of Partner Service Unique name of Partner Service in the Marketplace |
string | Required |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ByodPolicyServiceInstance | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used while deploying Service-VM. |
string | Enum: L2_BRIDGE, L3_ROUTED Default: "L2_BRIDGE" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ByodPolicyServiceInstanceListResult (schema)
Collection of only Byod SI objects
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Byod Service instance list results | array of ByodPolicyServiceInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ByodServiceInstance (schema)
Custom Instance of a service
ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| deployment_mode | Deployment Mode Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode. |
string | Required Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| on_failure_policy | On Failure Policy Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to. |
string | Enum: ALLOW, BLOCK |
| resource_type | Must be set to the value ByodServiceInstance | ServiceInstanceResourceType | Required |
| service_id | Service Id The Service to which the service instance is associated. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS. |
string | Required Enum: L2_BRIDGE, L3_ROUTED, NSH, NA |
CCPUpgradeStatus (schema)
Status of CCP upgrade
| Name | Description | Type | Notes |
|---|---|---|---|
| can_rollback | Can perform rollback This field indicates whether we can perform upgrade rollback. |
boolean | Readonly |
| can_skip | Can the upgrade of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the upgrade status | string | Readonly |
| current_version_node_summary | Mapping of current versions of nodes and counts of nodes at the respective versions. | NodeSummaryList | Readonly |
| details | Details about the upgrade status | string | Readonly |
| node_count_at_target_version | Count of nodes at target component version Number of nodes of the type and at the component version |
int | Readonly |
| percent_complete | Indicator of upgrade progress in percentage | number | Required Readonly |
| pre_upgrade_status | Pre-upgrade status of the component-type | UpgradeChecksExecutionStatus | Readonly |
| status | Upgrade status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
| target_component_version | Target component version | string | Readonly |
CPUReservation (schema)
Relative to the form factor pre-defined reservation value. We recommended
that you use the predefined measures of CPU reservation shares to reduce
the CPU reservation of a VM. Reservation shares are relative to the
default form-factor value. Though absolute values for CPU reservation
is supported, we advise to use this option with caution as incorrect or
high reservation values could lead to deployment failure or lead to
resource starvation for other VMs running on the same host.
| Name | Description | Type | Notes |
|---|---|---|---|
| reservation_in_mhz | CPU reservation in MHz. The CPU reservation in MHz is the guaranteed minimum amount of clock cycles that the vmkernel CPU scheduler will give the Edge VM in case of contention. If an Edge VM is not using its reserved resources, then other machines can use them thus preventing waste of CPU cycles on the physical host. Note: We recommend use of reservation_in_shares instead of this absolute configuration. When you specify this value, set reservation_in_shares to LOW_PRIORITY. |
int | |
| reservation_in_shares | CPU reservation in shares. Shares specify the relative importance of a virtual machine on a given host. When you assign shares to a virtual machine, you always specify the priority for that virtual machine relative to other powered-on virtual machines on the same host. The default priority for shares is HIGH_PRIORITY. |
string | Enum: EXTRA_HIGH_PRIORITY, HIGH_PRIORITY, NORMAL_PRIORITY, LOW_PRIORITY Default: "HIGH_PRIORITY" |
CaBundle (schema)
CA certificates bundle
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| certificates | X509Certificates in the bundle | array of X509Certificate | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| earliest_not_after | The earliest time in epoch milliseconds at which a certificate becomes invalid. | EpochMsTimestamp | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| not_after_list | Times for each certificate in the bundle at which the certificate becomes invalid. | array of EpochMsTimestamp | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| pem_encoded | PEM-encoded CA bundle certificates. | string | Required |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value CaBundle | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CaBundleListResult (schema)
CA Bundle query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CA bundles list. | array of CaBundle | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CallbackAuthenticationScheme (schema)
CallbackAuthenticationScheme describes how notification requests should authenticate to the server.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Valid certificate ID Certificate ID with a valid certificate and private key, procured from trust-management API. |
string | |
| password | Password for authentication Password to use if scheme_name is BASIC_AUTH. |
string | |
| scheme_name | Authentication scheme to use when making notification requests Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE. |
string | Required Enum: BASIC_AUTH, CERTIFICATE |
| username | Username for authentication Username to use if scheme_name is BASIC_AUTH. |
string |
CapacityDashboardUsage (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| current_usage_count | Current usage count of object type Indicate the current usage count of object type. |
integer | Required |
| current_usage_percentage | Current usage percentage Current usage percentage for object type |
number | Required |
| display_name | User friendly name for object type Display name for NSX object type. |
string | Required |
| max_supported_count | Maximum supported count for object type This is the maximum supported count for object type in consideration. |
integer | Required |
| max_threshold_percentage | Max threshold percentage for object type This indicates the maximum threshold percentage for object type. |
number | Required |
| min_threshold_percentage | Min threshold percentage for object type This indicates the minimum threshold percentage for object type. |
number | Required |
| severity | Severity calculated from percentage usage Severity calculated from percentage usage |
string | Required Enum: INFO, WARNING, CRITICAL, ERROR |
| usage_type | Object type for which usage is fetched Indicate the object type for which usage is calculated. |
string | Required |
CapacityThreshold (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| max_threshold_percentage | Maximum threshold percentage Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical. |
number | Required Minimum: 0 Maximum: 100 |
| min_threshold_percentage | Minimum threshold percentage Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning. |
number | Required Minimum: 0 Maximum: 100 |
| threshold_type | Object type for which threshold is to be set Indicate the object type for which threshold is to be set. |
string | Required |
CapacityThresholdList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| capacity_thresholds | List of capacity thresholds for NSX Objects | array of CapacityThreshold | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value CapacityThresholdList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CapacityUsage (schema)
usage of each capacity type ex. vm, cpu
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| capacity_type | type of the capacity field | string | Readonly |
| usage_count | count of number of items of capacity_type | integer | Readonly |
CapacityUsageMetaInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| last_updated_timestamp | Timestamp at which capacity usage was last calculated | EpochMsTimestamp | Required |
| max_global_threshold_percentage | Maximum global threshold percentage Indicates the maximum global threshold percentage |
number | Required |
| min_global_threshold_percentage | Minimum global threshold percentage Indicates the minimum global threshold percentage |
number | Required |
CapacityUsageRequestParameters (schema)
Parameter to force inline calculation.
| Name | Description | Type | Notes |
|---|---|---|---|
| category | Category of attributes for which capacity details need to be fetched.
Supported categories are security, inventory, networking and system. User can provide comma separated list of multiple categories. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| force | Parameter to force inline calculation instead of retrieving
cached results. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CapacityUsageResponse (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| capacity_usage | List of capacity usage for NSX Objects | array of CapacityDashboardUsage | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| meta_info | Meta data for capacity usage statistics | object | Required |
| resource_type | Must be set to the value CapacityUsageResponse | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unreported_usage_types | Unreported usage types Types for which usage data was not reported |
array of string |
CdpStatusType (schema)
Status types supported of the CrlDistributionPoint
| Name | Description | Type | Notes |
|---|---|---|---|
| CdpStatusType | Status types supported of the CrlDistributionPoint | string | Enum: NOT_READY, FETCHING, READY, ERROR |
CentralConfigProperties (schema)
Central Config properties
| Name | Description | Type | Notes |
|---|---|---|---|
| local_override | Override Central Config | boolean | Required |
CentralNodeConfigProfile (schema)
Central Node Config Profile
Central Node Config profile for NSX nodes. This set of properties will be pushed to NSX Manager and Edge nodes. SNMP properties will be pushed to KVM Hypervisors in addition to Manager and Edge nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ntp | NTP service properties NTP service properties for NSX nodes. |
NtpProperties | |
| resource_type | Must be set to the value CentralNodeConfigProfile | string | |
| snmp | SNMP service properties SNMP service properties for NSX nodes. |
SnmpProperties | |
| syslog | Syslog service properties Syslog service properties for NSX nodes. |
SyslogProperties | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| timezone | Timezone Timezone to be set for NSX nodes. Only timezone strings listed in the Time Zone database (https://www.iana.org/time-zones) are allowed. |
string |
CentralNodeConfigProfileGetRequestParams (schema)
GET request parameters for Central Node Config profile
This object includes GET request parameter to indicate whether sensitive data should be returned for a central Central Node Config profile.
| Name | Description | Type | Notes |
|---|---|---|---|
| show_sensitive_data | Show sensitive data in Central Node Config profile If set to true, Central Node Config profile includes sensitive data properties like SNMP community strings if any applicable. Note that passwords are never returned. Default set to false. |
boolean | Default: "False" |
CentralNodeConfigProfileListResult (schema)
List of Central Node Config profiles
Paged collection of Central Node Config profiles.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Central Node Config profiles | array of CentralNodeConfigProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Certificate (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| details | List of X509Certificates. | array of X509Certificate | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| has_private_key | Whether we have the private key for this certificate. | boolean | Required Readonly Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| pem_encoded | PEM encoded certificate data. | string | Required |
| purpose | Purpose of this certificate. Can be empty or set to "signing-ca". | string | Enum: signing-ca |
| resource_type | Must be set to the value Certificate | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| used_by | List of node IDs with services, that are using this certificate. | array of NodeIdServicesMap | Readonly |
CertificateCheckingStatus (schema)
Result of checking a certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Error Message Error message when checking the certificate. |
string | Readonly |
| status | Status Status of the checked certificate. |
CertificateCheckingStatusType | Required Readonly |
CertificateCheckingStatusType (schema)
Status types returned when checking a certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| CertificateCheckingStatusType | Status types returned when checking a certificate | string | Enum: OK, CRL_NOT_READY, REJECTED, ERROR |
CertificateId (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Certificate ID | string | Required Readonly |
CertificateKeyPair (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | SecurityCertificate | Required | |
| rsa_private_key | PEM encoded RSA private key The private key must include the enclosing "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----". An empty string is returned in read responses. |
string | Required Minimum length: 60 |
CertificateList (schema)
Certificate queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Certificate list. | array of Certificate | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CertificateProfile (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_certificate | Cluster Certificate True if this is for a cluster certificate |
boolean | Required Readonly |
| extended_key_usage | Extended Key Usage Indicating whether this certificate is used for server-auth, client-auth or both. |
array of CertificateUsageType | Required Readonly |
| node_type | Node Type List of types of node this certificate applies to. |
array of NodeType | Required Readonly |
| profile_name | Certificate Profile Name | string | Required Readonly |
| service_type | Unique Service Type | ServiceType | Required Readonly |
| unique_use | Unique Use True if the certificate used for this service-type cannot be used anywhere else. |
boolean | Required Readonly |
CertificateProfileListResult (schema)
CertificateProfile query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CertificateProfile list. | array of CertificateProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CertificateUsageType (schema)
Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER
| Name | Description | Type | Notes |
|---|---|---|---|
| CertificateUsageType | Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER | string | Enum: SERVER, CLIENT |
ChildALBAlertScriptConfig (schema)
Wrapper object for ChildALBAlertScriptConfig
Child wrapper for ALBAlertScriptConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAlertScriptConfig | ChildALBAlertScriptConfig Contains the actual ALBAlertScriptConfig object. |
ALBAlertScriptConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBAlertScriptConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBAnalyticsProfile (schema)
Wrapper object for ChildALBAnalyticsProfile
Child wrapper for ALBAnalyticsProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAnalyticsProfile | ChildALBAnalyticsProfile Contains the actual ALBAnalyticsProfile object. |
ALBAnalyticsProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBAnalyticsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBApplicationPersistenceProfile (schema)
Wrapper object for ChildALBApplicationPersistenceProfile
Child wrapper for ALBApplicationPersistenceProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBApplicationPersistenceProfile | ChildALBApplicationPersistenceProfile Contains the actual ALBApplicationPersistenceProfile object. |
ALBApplicationPersistenceProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBApplicationPersistenceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBApplicationProfile (schema)
Wrapper object for ChildALBApplicationProfile
Child wrapper for ALBApplicationProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBApplicationProfile | ChildALBApplicationProfile Contains the actual ALBApplicationProfile object. |
ALBApplicationProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBApplicationProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBAuthProfile (schema)
Wrapper object for ChildALBAuthProfile
Child wrapper for ALBAuthProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAuthProfile | ChildALBAuthProfile Contains the actual ALBAuthProfile object. |
ALBAuthProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBAuthProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBAutoScaleLaunchConfig (schema)
Wrapper object for ChildALBAutoScaleLaunchConfig
Child wrapper for ALBAutoScaleLaunchConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBAutoScaleLaunchConfig | ChildALBAutoScaleLaunchConfig Contains the actual ALBAutoScaleLaunchConfig object. |
ALBAutoScaleLaunchConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBAutoScaleLaunchConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBCertificateManagementProfile (schema)
Wrapper object for ChildALBCertificateManagementProfile
Child wrapper for ALBCertificateManagementProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBCertificateManagementProfile | ChildALBCertificateManagementProfile Contains the actual ALBCertificateManagementProfile object. |
ALBCertificateManagementProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBCertificateManagementProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBDnsPolicy (schema)
Wrapper object for ChildALBDnsPolicy
Child wrapper for ALBDnsPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBDnsPolicy | ChildALBDnsPolicy Contains the actual ALBDnsPolicy object. |
ALBDnsPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBDnsPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBErrorPageBody (schema)
Wrapper object for ChildALBErrorPageBody
Child wrapper for ALBErrorPageBody, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBErrorPageBody | ChildALBErrorPageBody Contains the actual ALBErrorPageBody object. |
ALBErrorPageBody | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBErrorPageBody | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBErrorPageProfile (schema)
Wrapper object for ChildALBErrorPageProfile
Child wrapper for ALBErrorPageProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBErrorPageProfile | ChildALBErrorPageProfile Contains the actual ALBErrorPageProfile object. |
ALBErrorPageProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBErrorPageProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBHTTPPolicySet (schema)
Wrapper object for ChildALBHTTPPolicySet
Child wrapper for ALBHTTPPolicySet, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHTTPPolicySet | ChildALBHTTPPolicySet Contains the actual ALBHTTPPolicySet object. |
ALBHTTPPolicySet | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBHTTPPolicySet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBHardwareSecurityModuleGroup (schema)
Wrapper object for ChildALBHardwareSecurityModuleGroup
Child wrapper for ALBHardwareSecurityModuleGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHardwareSecurityModuleGroup | ChildALBHardwareSecurityModuleGroup Contains the actual ALBHardwareSecurityModuleGroup object. |
ALBHardwareSecurityModuleGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBHardwareSecurityModuleGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBHealthMonitor (schema)
Wrapper object for ChildALBHealthMonitor
Child wrapper for ALBHealthMonitor, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBHealthMonitor | ChildALBHealthMonitor Contains the actual ALBHealthMonitor object. |
ALBHealthMonitor | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBHealthMonitor | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBIpAddrGroup (schema)
Wrapper object for ChildALBIpAddrGroup
Child wrapper for ALBIpAddrGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBIpAddrGroup | ChildALBIpAddrGroup Contains the actual ALBIpAddrGroup object. |
ALBIpAddrGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBIpAddrGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBL4PolicySet (schema)
Wrapper object for ChildALBL4PolicySet
Child wrapper for ALBL4PolicySet, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBL4PolicySet | ChildALBL4PolicySet Contains the actual ALBL4PolicySet object. |
ALBL4PolicySet | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBL4PolicySet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBNetworkProfile (schema)
Wrapper object for ChildALBNetworkProfile
Child wrapper for ALBNetworkProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBNetworkProfile | ChildALBNetworkProfile Contains the actual ALBNetworkProfile object. |
ALBNetworkProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBNetworkProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBNetworkSecurityPolicy (schema)
Wrapper object for ChildALBNetworkSecurityPolicy
Child wrapper for ALBNetworkSecurityPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBNetworkSecurityPolicy | ChildALBNetworkSecurityPolicy Contains the actual ALBNetworkSecurityPolicy object. |
ALBNetworkSecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBNetworkSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBPKIProfile (schema)
Wrapper object for ChildALBPKIProfile
Child wrapper for ALBPKIProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPKIProfile | ChildALBPKIProfile Contains the actual ALBPKIProfile object. |
ALBPKIProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBPKIProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBPool (schema)
Wrapper object for ChildALBPool
Child wrapper for ALBPool, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPool | ChildALBPool Contains the actual ALBPool object. |
ALBPool | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBPool | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBPoolGroup (schema)
Wrapper object for ChildALBPoolGroup
Child wrapper for ALBPoolGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPoolGroup | ChildALBPoolGroup Contains the actual ALBPoolGroup object. |
ALBPoolGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBPoolGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBPoolGroupDeploymentPolicy (schema)
Wrapper object for ChildALBPoolGroupDeploymentPolicy
Child wrapper for ALBPoolGroupDeploymentPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPoolGroupDeploymentPolicy | ChildALBPoolGroupDeploymentPolicy Contains the actual ALBPoolGroupDeploymentPolicy object. |
ALBPoolGroupDeploymentPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBPoolGroupDeploymentPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBPriorityLabels (schema)
Wrapper object for ChildALBPriorityLabels
Child wrapper for ALBPriorityLabels, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBPriorityLabels | ChildALBPriorityLabels Contains the actual ALBPriorityLabels object. |
ALBPriorityLabels | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBPriorityLabels | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBProtocolParser (schema)
Wrapper object for ChildALBProtocolParser
Child wrapper for ALBProtocolParser, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBProtocolParser | ChildALBProtocolParser Contains the actual ALBProtocolParser object. |
ALBProtocolParser | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBProtocolParser | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBSSLKeyAndCertificate (schema)
Wrapper object for ChildALBSSLKeyAndCertificate
Child wrapper for ALBSSLKeyAndCertificate, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLKeyAndCertificate | ChildALBSSLKeyAndCertificate Contains the actual ALBSSLKeyAndCertificate object. |
ALBSSLKeyAndCertificate | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBSSLKeyAndCertificate | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBSSLProfile (schema)
Wrapper object for ChildALBSSLProfile
Child wrapper for ALBSSLProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSLProfile | ChildALBSSLProfile Contains the actual ALBSSLProfile object. |
ALBSSLProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBSSLProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBSSOPolicy (schema)
Wrapper object for ChildALBSSOPolicy
Child wrapper for ALBSSOPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSSOPolicy | ChildALBSSOPolicy Contains the actual ALBSSOPolicy object. |
ALBSSOPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBSSOPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBSecurityPolicy (schema)
Wrapper object for ChildALBSecurityPolicy
Child wrapper for ALBSecurityPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBSecurityPolicy | ChildALBSecurityPolicy Contains the actual ALBSecurityPolicy object. |
ALBSecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBServerAutoScalePolicy (schema)
Wrapper object for ChildALBServerAutoScalePolicy
Child wrapper for ALBServerAutoScalePolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBServerAutoScalePolicy | ChildALBServerAutoScalePolicy Contains the actual ALBServerAutoScalePolicy object. |
ALBServerAutoScalePolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBServerAutoScalePolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBStringGroup (schema)
Wrapper object for ChildALBStringGroup
Child wrapper for ALBStringGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBStringGroup | ChildALBStringGroup Contains the actual ALBStringGroup object. |
ALBStringGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBStringGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBTrafficCloneProfile (schema)
Wrapper object for ChildALBTrafficCloneProfile
Child wrapper for ALBTrafficCloneProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBTrafficCloneProfile | ChildALBTrafficCloneProfile Contains the actual ALBTrafficCloneProfile object. |
ALBTrafficCloneProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBTrafficCloneProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBVSDataScriptSet (schema)
Wrapper object for ChildALBVSDataScriptSet
Child wrapper for ALBVSDataScriptSet, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBVSDataScriptSet | ChildALBVSDataScriptSet Contains the actual ALBVSDataScriptSet object. |
ALBVSDataScriptSet | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBVSDataScriptSet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBVirtualService (schema)
Wrapper object for ChildALBVirtualService
Child wrapper for ALBVirtualService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBVirtualService | ChildALBVirtualService Contains the actual ALBVirtualService object. |
ALBVirtualService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBVirtualService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBVsVip (schema)
Wrapper object for ChildALBVsVip
Child wrapper for ALBVsVip, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBVsVip | ChildALBVsVip Contains the actual ALBVsVip object. |
ALBVsVip | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBVsVip | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBWafCRS (schema)
Wrapper object for ChildALBWafCRS
Child wrapper for ALBWafCRS, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafCRS | ChildALBWafCRS Contains the actual ALBWafCRS object. |
ALBWafCRS | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBWafCRS | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBWafPolicy (schema)
Wrapper object for ChildALBWafPolicy
Child wrapper for ALBWafPolicy, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafPolicy | ChildALBWafPolicy Contains the actual ALBWafPolicy object. |
ALBWafPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBWafPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBWafPolicyPSMGroup (schema)
Wrapper object for ChildALBWafPolicyPSMGroup
Child wrapper for ALBWafPolicyPSMGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafPolicyPSMGroup | ChildALBWafPolicyPSMGroup Contains the actual ALBWafPolicyPSMGroup object. |
ALBWafPolicyPSMGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBWafPolicyPSMGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBWafProfile (schema)
Wrapper object for ChildALBWafProfile
Child wrapper for ALBWafProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWafProfile | ChildALBWafProfile Contains the actual ALBWafProfile object. |
ALBWafProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBWafProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildALBWebhook (schema)
Wrapper object for ChildALBWebhook
Child wrapper for ALBWebhook, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBWebhook | ChildALBWebhook Contains the actual ALBWebhook object. |
ALBWebhook | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildALBWebhook | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildAntreaTraceflowConfig (schema)
Wrapper object for AnteaTraceflowConfig
Child wrapper for AntreaTraceflowConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TraceflowConfig | AntreaTraceflowConfig Contains the actual AntreaTraceflowConfig object. |
AntreaTraceflowConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildAntreaTraceflowConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBfdProfile (schema)
Wrapper object for BfdProfile
Child wrapper for BfdProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BfdProfile | Bfd Profile Contains the actual BfdProfile object. |
BfdProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBfdProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBgpNeighborConfig (schema)
Wrapper object for BgpNeighborConfig
Child wrapper object for BgpNeighborConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BgpNeighborConfig | BgpNeighborConfig Contains the actual BgpNeighborConfig object. |
BgpNeighborConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBgpNeighborConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBgpRoutingConfig (schema)
Wrapper object for BgpRoutingConfig
Child wrapper object for BgpRoutingConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BgpRoutingConfig | BgpRoutingConfig Contains the actual BgpRoutingConfig object. |
BgpRoutingConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBgpRoutingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildByodPolicyServiceInstance (schema)
Wrapper object for ByodPolicyServiceInstance
Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ByodPolicyServiceInstance | ByodPolicyServiceInstance Contains actual ByodPolicyServiceInstance. |
ByodPolicyServiceInstance | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildByodPolicyServiceInstance | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCaBundle (schema)
Child wrapper for CA certificates bundle, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| CaBundle | CaBundle Contains the actual CaBundle object. |
CaBundle | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCaBundle | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunicationEntry (schema) (Deprecated)
Wrapper object for CommunicationEntry
Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunicationEntry | CommunicationEntry Contains the actual CommunicationEntry object. |
CommunicationEntry | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunicationEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunicationMap (schema) (Deprecated)
Wrapper object for CommunicationMap
Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunicationMap | CommunicationMap Contains the actual CommunicationMap object. |
CommunicationMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunicationMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunityList (schema)
Wrapper object for CommunityList
Child wrapper object for CommunityList, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunityList | CommunityList Contains the actual CommunityList object |
CommunityList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunityList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildComputeClusterIdfwConfiguration (schema)
Wrapper object for ComputeClusterIdfwConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| ComputeClusterIdfwConfiguration | ComputeClusterIdfwConfiguration Contains the actual compute cluster idfw configuration object. |
ComputeClusterIdfwConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildComputeClusterIdfwConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildConstraint (schema)
Wrapper object for Constraint
Child wrapper object for Constraint, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Constraint | Constraint Contains the actual Constraint object |
Constraint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildConstraint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDeploymentZone (schema) (Deprecated)
Wrapper object for DeploymentZone
Child wrapper object for DeploymentZone, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DeploymentZone | DeploymentZone Contains the actual DeploymentZone object |
DeploymentZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDeploymentZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDfwFirewallConfiguration (schema) (Experimental)
Wrapper object for FirewallConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| DfwFirewallConfiguration | Dfw Firewall Configuration Contains the actual dfw firewall configuration list object. |
DfwFirewallConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDfwFirewallConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpRelayConfig (schema)
Wrapper object for DhcpRelayConfig
Child wrapper object for DhcpRelayConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpRelayConfig | DhcpRelayConfig Contains the actual DhcpRelayConfig object |
DhcpRelayConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpRelayConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpServerConfig (schema)
Wrapper object for DhcpServerConfig
Child wrapper object for DhcpServerConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpServerConfig | DhcpServerConfig Contains the actual DhcpServerConfig object |
DhcpServerConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpServerConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpStaticBindingConfig (schema)
Wrapper object for DhcpStaticBindingConfig
Child wrapper for DhcpStaticBindingConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpStaticBindingConfig | DhcpStaticBindingConfig Contains the actual DhcpStaticBindingConfig object. |
DhcpStaticBindingConfig (Abstract type: pass one of the following concrete types) DhcpV4StaticBindingConfig DhcpV6StaticBindingConfig |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpStaticBindingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDnsSecurityProfile (schema)
Wrapper object for DnsSecurityProfile
Child wrapper object for DnsSecurityProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DnsSecurityProfile | DnsSecurityProfile Contains the actual DnsSecurityProfile object |
DnsSecurityProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDnsSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDnsSecurityProfileBindingMap (schema)
Wrapper object for DnsSecurityProfileBindingMap
Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DnsSecurityProfileBindingMap | DnsSecurityProfileBindingMap Contains the actual DnsSecurityProfileBindingMap object |
DnsSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDnsSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDomain (schema)
Wrapper object for Domain
Child wrapper object for domain, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Domain | Domain Contains the actual domain object. |
Domain | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDomain | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDomainDeploymentMap (schema)
Wrapper object for DomainDeploymentMap
Child wrapper object for DomainDeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| DomainDeploymentMap | DomainDeploymentMap Contains the actual DomainDeploymentMap object. |
DomainDeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDomainDeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEndpointPolicy (schema)
Wrapper object for Endpoint Policy
Child wrapper object for EndpointPolicy used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EndpointPolicy | EndpointPolicy Contains actual EndpointPolicy. |
EndpointPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEndpointPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEndpointRule (schema)
Wrapper object for Endpoint Rule
Child wrapper object for EndpointRule used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EndpointRule | EndpointRule Contains actual EndpointRule. |
EndpointRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEndpointRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEnforcementPoint (schema)
Wrapper object for EnforcementPoint
Child wrapper object for EnforcementPoint, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EnforcementPoint | EnforcementPoint Contains the actual Enforcement point object. |
EnforcementPoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEnforcementPoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEvpnConfig (schema)
Wrapper object for EvpnConfig
Child wrapper object for EvpnConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EvpnConfig | EvpnConfig Contains the actual EvpnConfig object. |
EvpnConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEvpnConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEvpnTunnelEndpointConfig (schema)
Wrapper object for EvpnTunnelEndpointConfig
Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EvpnTunnelEndpointConfig | EvpnTunnelEndpointConfig Contains the actual EvpnTunnelEndpointConfig object. |
EvpnTunnelEndpointConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEvpnTunnelEndpointConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFloodProtectionProfile (schema)
Wrapper object for FloodProtectionProfile
Child wrapper object for FloodProtectionProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FloodProtectionProfile | FloodProtectionProfile Contains the actual FloodProtectionProfile object |
FloodProtectionProfile (Abstract type: pass one of the following concrete types) DistributedFloodProtectionProfile GatewayFloodProtectionProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFloodProtectionProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFloodProtectionProfileBindingMap (schema)
Wrapper object for FloodProtectionProfileBindingMap
Child wrapper object for FloodProtectionProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FloodProtectionProfileBindingMap | FloodProtectionProfileBindingMap Contains the actual FloodProtectionProfileBindingMap object |
FloodProtectionProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFloodProtectionProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildForwardingPolicy (schema)
Wrapper object for children of type ForwardingPolicy
Child wrapper object for ForwardingPolicy used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ForwardingPolicy | ForwardingPolicy Contains actual ForwardingPolicy. |
ForwardingPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildForwardingPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildForwardingRule (schema)
Wrapper object for ForwardingRule
Child wrapper object for ForwardingRule used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ForwardingRule | ForwardingRule Contains actual ForwardingRule. |
ForwardingRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildForwardingRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFqdnAnalysisConfig (schema)
Wrapper object for FqdnAnalysisConfig
Child wrapper object for FqdnAnalysisConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FqdnAnalysisConfig | FQDN Analysis Config Contains the actual FqdnAnalysisConfig object |
FqdnAnalysisConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFqdnAnalysisConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGatewayPolicy (schema)
Wrapper object for GatewayPolicy
Child wrapper object for GatewayPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GatewayPolicy | GatewayPolicy Contains the actual GatewayPolicy object |
GatewayPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGatewayPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGatewayQosProfile (schema)
Wrapper object for GatewayQosProfile
Child wrapper for GatewayQosProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| QosProfile | GatewayQosProfile Contains the actual GatewayQosProfile object. |
GatewayQosProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGatewayQosProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGeneralSecurityProfile (schema)
Wrapper object for GeneralSecurityProfile
Child wrapper object for GeneralSecurityProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GeneralSecurityProfile | GeneralSecurityProfile Contains the actual GeneralSecurityProfile object |
GeneralSecurityProfile (Abstract type: pass one of the following concrete types) GatewayGeneralSecurityProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGeneralSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGeneralSecurityProfileBindingMap (schema)
Wrapper object for GeneralSecurityProfileBindingMap
Child wrapper object for GeneralSecurityProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GeneralSecurityProfileBindingMap | GeneralSecurityProfileBindingMap Contains the actual GeneralSecurityProfileBindingMap object |
GeneralSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGeneralSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalConfig (schema)
Wrapper object for GlobalConfig
Child wrapper object for GlobalConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalConfig | GlobalConfig Contains the actual GlobalConfig object. |
GlobalConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalIdsSignature (schema)
Wrapper object for GlobalIdsSignature
Child wrapper object for GlobalIdsSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalIdsSignature | GlobalIdsSignature Contains the GlobalIdsSignature object |
GlobalIdsSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalIdsSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalManager (schema)
Wrapper object for Global Manager
Child wrapper object for Global Manager, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalManager | GlobalManager Contains the actual Global Manager object. |
GlobalManager | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalManager | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroup (schema)
Wrapper object for Group
Child wrapper object for group, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Group | Group Contains the actual group objects. |
Group | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroupDiscoveryProfileBindingMap (schema)
Wrapper object for GroupDiscoveryProfileBindingMap
Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GroupDiscoveryProfileBindingMap | GroupDiscoveryProfileBindingMap Contains the actual GroupDiscoveryProfileBindingMap object |
GroupDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroupDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroupMonitoringProfileBindingMap (schema)
Wrapper object for GroupMonitoringProfileBindingMap
Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GroupMonitoringProfileBindingMap | GroupMonitoringProfileBindingMap Contains the actual GroupMonitoringProfileBindingMap object |
GroupMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroupMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildHostTransportNode (schema)
Wrapper object for Host Transport Node
Child wrapper for Host Transport Node, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| HostTransportNode | Host Transport Node Contains the actual Host Transport Node object. |
HostTransportNode | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildHostTransportNode | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildHostTransportNodeCollection (schema)
Wrapper object for Transport Node Collection
Child wrapper for Transport Collection, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| HostTransportNodeCollection | Transport Node Collection Contains the actual Transport Node Collection object. |
HostTransportNodeCollection | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildHostTransportNodeCollection | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPDiscoveryProfile (schema)
Wrapper object for IPDiscoveryProfile
Child wrapper object for IPDiscoveryProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPDiscoveryProfile | IPDiscoveryProfile Contains the actual IPDiscoveryProfile object |
IPDiscoveryProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPDiscoveryProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXDFWCollectorProfile (schema)
Wrapper object for IPFIXDFWCollectorProfile
Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXDFWCollectorProfile | IPFIXDFWCollectorProfile Contains the actual IPFIXDFWCollectorProfile object |
IPFIXDFWCollectorProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXDFWCollectorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXDFWProfile (schema)
Wrapper object for IPFIXDFWProfile
Child wrapper object for IPFIXDFWProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXDFWProfile | IPFIXDFWProfile Contains the actual IPFIXDFWProfile object |
IPFIXDFWProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXDFWProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXL2CollectorProfile (schema)
Wrapper object for IPFIXL2CollectorProfile
Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXL2CollectorProfile | IPFIXL2CollectorProfile Contains the actual IPFIXL2CollectorProfile object |
IPFIXL2CollectorProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXL2CollectorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXL2Profile (schema)
Wrapper object for IPFIXL2Profile
Child wrapper object for IPFIXL2Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXL2Profile | IPFIXL2Profile Contains the actual IPFIXL2Profile object |
IPFIXL2Profile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXL2Profile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnDpdProfile (schema)
Wrapper object for IPSecVpnDpdProfile
Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnDpdProfile | IPSecVpnDpdProfile Contains the actual IPSecVpnDpdProfile object. |
IPSecVpnDpdProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnDpdProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnIkeProfile (schema)
Wrapper object for IPSecVpnIkeProfile
Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnIkeProfile | IPSecVpnIkeProfile Contains the actual IPSecVpnIkeProfile object. |
IPSecVpnIkeProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnIkeProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnLocalEndpoint (schema)
Wrapper object for IPSecVpnLocalEndpoint
Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnLocalEndpoint | IPSecVpnLocalEndpoint Contains the actual IPSecVpnLocalEndpoint object. |
IPSecVpnLocalEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnLocalEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnService (schema)
Wrapper object for IPSecVpnService
Child wrapper object for IPSecVpnService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnService | IPSecVpnService Contains the actual IPSecVpnService object. |
IPSecVpnService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnSession (schema)
Wrapper object for IPSecVpnSession
Child wrapper object for IPSecVpnSession, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnSession | IPSecVpnSession Contains the actual IPSecVpnSession object. |
IPSecVpnSession (Abstract type: pass one of the following concrete types) PolicyBasedIPSecVpnSession RouteBasedIPSecVpnSession |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnSession | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnTunnelProfile (schema)
Wrapper object for IPSecVpnTunnelProfile
Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnTunnelProfile | IPSecVpnTunnelProfile Contains the actual IPSecVpnTunnelProfile object |
IPSecVpnTunnelProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnTunnelProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsClusterConfig (schema)
Wrapper object for IdsClusterConfig
Child wrapper object for IdsClusterConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsClusterConfig | IdsClusterConfig Contains the IdsClusterConfig object |
IdsClusterConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsClusterConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsGatewayPolicy (schema)
Wrapper object for IdsGatewayPolicy
Child wrapper object for IdsGatewayPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsGatewayPolicy | IdsGatewayPolicy Contains the IdsGatewayPolicy object |
IdsGatewayPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsGatewayPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsGlobalEventConfig (schema)
Wrapper object for IdsGlobalEventConfig
Child wrapper object for IdsGlobalEventConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsGlobalEventConfig | IdsGlobalEventConfig Contains the IdsGlobalEventConfig object |
IdsGlobalEventConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsGlobalEventConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsProfile (schema)
Wrapper object for IdsProfile
Child wrapper object for IdsProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsProfile | IdsProfile Contains the IdsProfile object |
IdsProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsRule (schema)
Wrapper object for IdsRule
Child wrapper object for IdsRule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsRule | IdsRule Contains the IdsRule object |
IdsRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSecurityPolicy (schema)
Wrapper object for IdsSecurityPolicy
Child wrapper object for IdsSecurityPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSecurityPolicy | IdsSecurityPolicy Contains the IdsSecurityPolicy object |
IdsSecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSettings (schema)
Wrapper object for IdsSettings
Child wrapper object for IdsSettings, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSettings | IdsSettings Contains the IdsSettings object |
IdsSettings | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSettings | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSignature (schema)
Wrapper object for IdsSignature
Child wrapper object for IdsSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSignature | IdsSignature Contains the IdsSignature object |
IdsSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSignatureStatus (schema)
Wrapper object for IdsSignatureStatus
Child wrapper object for IdsSignatureStatus, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSignatureStatus | IdsSignatureStatus Contains the IdsSignatureStatus object |
IdsSignatureStatus | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSignatureStatus | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsStandaloneHostConfig (schema)
Wrapper object for IdsStandaloneHostConfig
Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsStandaloneHostConfig | IdsStandaloneHostConfig Contains the IdsStandaloneHostConfig object |
IdsStandaloneHostConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsStandaloneHostConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildInfra (schema)
Wrapper object for Infra
Child wrapper object for Infra, used in multi-tenancy hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Infra | Infra Contains the actual Infra object |
Infra | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildInfra | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressAllocation (schema)
Wrapper object for IpAddressAllocation
Child wrapper object for IpAddressAllocation, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressAllocation | IpAddressAllocation Contains the actual IpAddressAllocation object |
IpAddressAllocation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressAllocation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressBlock (schema)
Wrapper object for IpAddressBlock
Child wrapper object for IpAddressBlock, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressBlock | IpAddressBlock Contains the actual IpAddressBlock object |
IpAddressBlock | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressBlock | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressPool (schema)
Wrapper object for IpAddressPool
Child wrapper object for IpAddressPool, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressPool | IpAddressPool Contains the actual IpAddressPool object |
IpAddressPool | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressPool | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressPoolSubnet (schema)
Wrapper object for IpAddressPoolSubnet
Child wrapper object for IpAddressPoolSubnet, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressPoolSubnet | IpAddressPoolSubnet Contains the actual IpAddressPoolSubnet object |
IpAddressPoolSubnet (Abstract type: pass one of the following concrete types) IpAddressPoolBlockSubnet IpAddressPoolStaticSubnet |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressPoolSubnet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpv6DadProfile (schema)
Wrapper object for Ipv6DadProfile
Child wrapper object for Ipv6DadProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Ipv6DadProfile | Ipv6DadProfile Contains the actual Ipv6DadProfile objects |
Ipv6DadProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpv6DadProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpv6NdraProfile (schema)
Wrapper object for Ipv6NdraProfile
Child wrapper object for Ipv6NdraProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Ipv6NdraProfile | Ipv6NdraProfile Contains the actual Ipv6NdraProfile objects |
Ipv6NdraProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpv6NdraProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2BridgeEndpointProfile (schema)
Wrapper object for L2BridgeEndpointProfile
Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L2BridgeEndpointProfile | L2BridgeEndpointProfile Contains the actual L2BridgeEndpointProfile object |
L2BridgeEndpointProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2BridgeEndpointProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VPNService (schema)
Wrapper object for L2VPNService
Child wrapper object for L2VPNService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VPNService | L2VPNService Contains the actual L2VPNService object. |
L2VPNService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VPNService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VPNSession (schema)
Wrapper object for L2VPNSession
Child wrapper object for L2VPNSession, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VPNSession | L2VPNSession Contains the actual L2VPNSession object. |
L2VPNSession | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VPNSession | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2Vpn (schema) (Deprecated)
Wrapper object for L2Vpn
Child wrapper object for L2Vpn, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2Vpn | L2Vpn Contains the actual L2Vpn object. |
L2Vpn | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2Vpn | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VpnContext (schema) (Deprecated)
Wrapper object for L2VpnContext
Child wrapper object for L2VpnContext, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VpnContext | L2VpnContext Contains the actual L2VpnContext object. |
L2VpnContext | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VpnContext | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL3Vpn (schema) (Deprecated)
Wrapper object for L3Vpn
Child wrapper object for L3Vpn, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L3Vpn | L3Vpn Contains the actual L3Vpn object. |
L3Vpn | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL3Vpn | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL3VpnContext (schema) (Deprecated)
Wrapper object for L3VpnContext
Child wrapper object for L3VpnContext, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L3VpnContext | L3VpnContext Contains the actual L3VpnContext object. |
L3VpnContext | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL3VpnContext | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL7AccessEntry (schema)
Wrapper object for L7 Access Entry
Child wrapper object for L7 Access Entry, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L7AccessEntry | L7 Access Entry Contains the actual L7 access entry object |
L7AccessEntry | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL7AccessEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL7AccessProfile (schema)
Wrapper object for L7 Access Profile
Child wrapper object for L7 Access Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L7AccessProfile | L7 access profile Contains the actual L7 access profile object |
L7AccessProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL7AccessProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBAppProfile (schema)
Wrapper object for LBAppProfile
Child wrapper for LBAppProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBAppProfile | LBAppProfile Contains the actual LBAppProfile object. |
LBAppProfile (Abstract type: pass one of the following concrete types) LBFastTcpProfile LBFastUdpProfile LBHttpProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBAppProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBClientSslProfile (schema) (Deprecated)
Wrapper object for LBClientSslProfile
Child wrapper for LBClientSslProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBClientSslProfile | LBClientSslProfile Contains the actual LBClientSslProfile object. |
LBClientSslProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBClientSslProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBMonitorProfile (schema) (Deprecated)
Wrapper object for LBMonitorProfile
Child wrapper for LBMonitorProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBMonitorProfile | LBMonitorProfile Contains the actual LBMonitorProfile object. |
LBMonitorProfile (Abstract type: pass one of the following concrete types) LBActiveMonitor LBHttpMonitorProfile LBHttpsMonitorProfile LBIcmpMonitorProfile LBPassiveMonitorProfile LBTcpMonitorProfile LBUdpMonitorProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBMonitorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBPersistenceProfile (schema)
Wrapper object for LBPersistenceProfile
Child wrapper for LBPersistenceProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBPersistenceProfile | LBPersistenceProfile Contains the actual LBPersistenceProfile object. |
LBPersistenceProfile (Abstract type: pass one of the following concrete types) LBCookiePersistenceProfile LBGenericPersistenceProfile LBSourceIpPersistenceProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBPersistenceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBPool (schema)
Wrapper object for LBPool
Child wrapper for LBPool, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBPool | LBPool Contains the actual LBPool object. |
LBPool | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBPool | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBServerSslProfile (schema) (Deprecated)
Wrapper object for LBServerSslProfile
Child wrapper for LBServerSslProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBServerSslProfile | LBServerSslProfile Contains the actual LBServerSslProfile object. |
LBServerSslProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBServerSslProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBService (schema)
Wrapper object for LBService
Child wrapper for LBService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBService | LBService Contains the actual LBService object. |
LBService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBVirtualServer (schema)
Wrapper object for LBVirtualServer
Child wrapper for LBVirtualServer, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBVirtualServer | LBVirtualServer Contains the actual LBVirtualServer object. |
LBVirtualServer | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBVirtualServer | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLiveTraceConfig (schema)
Wrapper object for LiveTraceConfig
Child wrapper for LiveTraceConfig for Hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| LiveTraceConfig | LiveTraceConfig The actual LiveTraceConfig object. |
LiveTraceConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLiveTraceConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLocaleServices (schema)
Wrapper object for LocaleServices
Child wrapper object for LocaleServices, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| LocaleServices | LocaleServices Contains the actual LocaleServices object |
LocaleServices | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLocaleServices | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMacDiscoveryProfile (schema)
Wrapper object for MacDiscoveryProfile
Child wrapper object for MacDiscoveryProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MacDiscoveryProfile | MacDiscoveryProfile Contains the actual MacDiscoveryProfile object |
MacDiscoveryProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMacDiscoveryProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMalwarePreventionProfile (schema)
Wrapper object for MalwarePreventionProfile
Child wrapper object for MalwarePreventionProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MalwarePreventionProfile | MalwarePreventionProfile Contains the MalwarePreventionProfile object |
MalwarePreventionProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMalwarePreventionProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMalwarePreventionSignature (schema)
Wrapper object for MalwarePreventionSignature
Child wrapper object for MalwarePreventionSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MalwarePreventionSignature | MalwarePreventionSignature Contains the MalwarePreventionSignature object |
MalwarePreventionSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMalwarePreventionSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMetadataProxyConfig (schema)
Wrapper object for MetadataProxyConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| MetadataProxyConfig | MetadataProxyConfig Contains the actual MetadataProxyConfig object. |
MetadataProxyConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMetadataProxyConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOpsGlobalConfig (schema)
Wrapper object for OpsGlobalConfig
Child wrapper object for OpsGlobalConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalConfig | OpsGlobalConfig Contains the actual OpsGlobalConfig object. |
OpsGlobalConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOpsGlobalConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOspfAreaConfig (schema)
Wrapper object for OSPF routing config
Child wrapper object for OspfAreaConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| OspfAreaConfig | OspfAreaConfig Contains actual OspfAreaConfig. |
OspfAreaConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOspfAreaConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOspfRoutingConfig (schema)
Wrapper object for OSPF routing config
Child wrapper object for OspfRoutingConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| OspfRoutingConfig | OspfRoutingConfig Contains actual OspfRoutingConfig. |
OspfRoutingConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOspfRoutingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyConfigResource (schema)
Represents the desired state object as child resource
Represents an object on the desired state
This is an abstract type. Concrete child types:
ChildALBAlertScriptConfig
ChildALBAnalyticsProfile
ChildALBApplicationPersistenceProfile
ChildALBApplicationProfile
ChildALBAuthProfile
ChildALBAutoScaleLaunchConfig
ChildALBCertificateManagementProfile
ChildALBDnsPolicy
ChildALBErrorPageBody
ChildALBErrorPageProfile
ChildALBHTTPPolicySet
ChildALBHardwareSecurityModuleGroup
ChildALBHealthMonitor
ChildALBIpAddrGroup
ChildALBL4PolicySet
ChildALBNetworkProfile
ChildALBNetworkSecurityPolicy
ChildALBPKIProfile
ChildALBPool
ChildALBPoolGroup
ChildALBPoolGroupDeploymentPolicy
ChildALBPriorityLabels
ChildALBProtocolParser
ChildALBSSLKeyAndCertificate
ChildALBSSLProfile
ChildALBSSOPolicy
ChildALBSecurityPolicy
ChildALBServerAutoScalePolicy
ChildALBStringGroup
ChildALBTrafficCloneProfile
ChildALBVSDataScriptSet
ChildALBVirtualService
ChildALBVsVip
ChildALBWafCRS
ChildALBWafPolicy
ChildALBWafPolicyPSMGroup
ChildALBWafProfile
ChildALBWebhook
ChildAntreaTraceflowConfig
ChildBfdProfile
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCaBundle
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDhcpStaticBindingConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildEvpnConfig
ChildEvpnTunnelEndpointConfig
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildFqdnAnalysisConfig
ChildGatewayPolicy
ChildGatewayQosProfile
ChildGeneralSecurityProfile
ChildGeneralSecurityProfileBindingMap
ChildGlobalIdsSignature
ChildGlobalManager
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildHostTransportNode
ChildHostTransportNodeCollection
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIdsClusterConfig
ChildIdsGatewayPolicy
ChildIdsGlobalEventConfig
ChildIdsProfile
ChildIdsRule
ChildIdsSecurityPolicy
ChildIdsSettings
ChildIdsSignature
ChildIdsSignatureStatus
ChildIdsStandaloneHostConfig
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildL7AccessEntry
ChildL7AccessProfile
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLiveTraceConfig
ChildLocaleServices
ChildMacDiscoveryProfile
ChildMalwarePreventionProfile
ChildMalwarePreventionSignature
ChildMetadataProxyConfig
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallScheduler
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLatencyStatProfile
ChildPolicyNat
ChildPolicyNatRule
ChildPolicySIExcludeList
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTlsConfigProfile
ChildPolicyTransportZone
ChildPolicyTransportZoneProfile
ChildPolicyUrlCategorizationConfig
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSIStatusConfiguration
ChildSecurityFeatures
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildShaDynamicPlugin
ChildShaPluginProfile
ChildShaPredefinedPlugin
ChildSite
ChildSpoofGuardProfile
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticMimeContent
ChildStaticRouteBfdPeer
ChildStaticRoutes
ChildTagBulkOperation
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier0SecurityFeatures
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsConfigProfileBindingMap
ChildTlsCrl
ChildTlsPolicy
ChildTlsProfile
ChildTlsRule
ChildTlsTrustData
ChildTraceflowConfig
ChildVMTagReplicationPolicy
ChildVirtualEndpoint
ChildVniPoolConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyConfigResource | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyContextProfile (schema)
Wrapper object for PolicyContextProfile
Child wrapper object for PolicyContextProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyContextProfile | PolicyContextProfile Contains the actual PolicyContextProfile objects |
PolicyContextProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyContextProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyCustomAttributes (schema)
Wrapper object for PolicyCustomAttributes
Child wrapper object for PolicyCustomAttributes, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyCustomAttributes | PolicyCustomAttributes Contains the actual PolicyCustomAttributes objects |
PolicyCustomAttributes | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyCustomAttributes | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyDnsForwarder (schema)
Wrapper object for PolicyDnsForwarder
Child wrapper object for PolicyDnsForwarder, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyDnsForwarder | PolicyDnsForwarder Contains the actual PolicyDnsForwarder object |
PolicyDnsForwarder | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyDnsForwarder | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyDnsForwarderZone (schema)
Wrapper object for PolicyDnsForwarderZone
Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyDnsForwarderZone | PolicyDnsForwarderZone Contains the actual PolicyDnsForwarderZone object |
PolicyDnsForwarderZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyDnsForwarderZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyEdgeCluster (schema)
Wrapper object for PolicyEdgeCluster
Child wrapper object for PolicyEdgeCluster, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyEdgeCluster | PolicyEdgeCluster Contains the actual PolicyEdgeCluster object. |
PolicyEdgeCluster | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyEdgeCluster | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyEdgeNode (schema)
Wrapper object for PolicyEdgeNode
Child wrapper object for PolicyEdgeNode, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyEdgeNode | PolicyEdgeNode Contains the actual PolicyEdgeNode object. |
PolicyEdgeNode | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyEdgeNode | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyExcludeList (schema)
Wrapper object for PolicyExcludeList
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyExcludeList | PolicyExcludeList Contains the actual policy exclude list object. |
PolicyExcludeList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyExcludeList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallCPUMemThresholdsProfileBindingMap (schema)
Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap
Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap,
used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallCPUMemThresholdsProfileBindingMap | PolicyFirewallCPUMemThresholdsProfileBindingMap Contains the actual PolicyFirewallCPUMemThresholdsProfileBindingMap object. |
PolicyFirewallCPUMemThresholdsProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallCPUMemThresholdsProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallCpuMemThresholdsProfile (schema)
Wrapper object for PolicyFirewallCpuMemThresholdsProfile
Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in
hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallCpuMemThresholdsProfile | PolicyFirewallCpuMemThresholdsProfile Contains the actual PolicyFirewallCpuMemThresholdsProfile object |
PolicyFirewallCpuMemThresholdsProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallCpuMemThresholdsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallFloodProtectionProfileBindingMap (schema)
Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap
Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallFloodProtectionProfileBindingMap | PolicyFirewallFloodProtectionProfileBindingMap Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object |
PolicyFirewallFloodProtectionProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallFloodProtectionProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallScheduler (schema)
Wrapper object for PolicyFirewallScheduler
Child wrapper object for PolicyFirewallScheduler, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallScheduler | PolicyFirewallScheduler Contains the actual PolicyFirewallScheduler objects |
PolicyFirewallScheduler | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallScheduler | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallSessionTimerProfile (schema)
Wrapper object for PolicyFirewallSessionTimerProfile
Child wrapper object for PolicyFirewallSessionTimerProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallSessionTimerProfile | PolicyFirewallSessionTimerProfile Contains the actual PolicyFirewallSessionTimerProfile object |
PolicyFirewallSessionTimerProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallSessionTimerProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallSessionTimerProfileBindingMap (schema)
Wrapper object for PolicyFirewallSessionTimerProfileBindingMap
Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallSessionTimerProfileBindingMap | PolicyFirewallSessionTimerProfileBindingMap Contains the actual PolicyFirewallSessionTimerProfileBindingMap object |
PolicyFirewallSessionTimerProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallSessionTimerProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyIgmpProfile (schema)
Wrapper object for PolicyIgmpProfile
Child wrapper object for PolicyIgmpProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyIgmpProfile | PolicyIgmpProfile Contains actual PolicyIgmpProfile. |
PolicyIgmpProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyIgmpProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyLabel (schema)
Wrapper object for PolicyLabel
Child wrapper object for PolicyLabel, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyLabel | PolicyLabel Contains the actual PolicyLabel object |
PolicyLabel | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyLabel | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyLatencyStatProfile (schema)
Wrapper object for PolicyLatencyStatProfile
Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyLatencyStatProfile | PolicyLatencyStatProfile Contains the actual PolicyLatencyStatProfile object |
PolicyLatencyStatProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyLatencyStatProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyMulticastConfig (schema)
Wrapper object for PolicyMulticastConfig
Child wrapper object for PolicyMulticastConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyMulticastConfig | PolicyMulticastConfig Contains actual PolicyMulticastConfig. |
PolicyMulticastConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyMulticastConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyNat (schema)
Wrapper object for PolicyNat
Child wrapper object for PolicyNat, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyNat | PolicyNat Contains the actual PolicyNAT object |
PolicyNat | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyNat | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyNatRule (schema)
Wrapper object for PolicyNatRule
Child wrapper object for PolicyNatRule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyNatRule | PolicyNatRule Contains the actual PolicyNatRule object |
PolicyNatRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyNatRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyPimProfile (schema)
Wrapper object for PolicyPimProfile
Child wrapper object for PolicyPimProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyPimProfile | PolicyPimProfile Contains actual PolicyPimProfile. |
PolicyPimProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyPimProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicySIExcludeList (schema)
Wrapper object for PolicySIExcludeList
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicySIExcludeList | PolicySIExcludeList Contains the actual policy exclude list object. |
PolicySIExcludeList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicySIExcludeList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceChain (schema)
Wrapper object for PolicyServiceChain
Child wrapper object for PolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceChain | PolicyServiceChain Contains actual PolicyServiceChain. |
PolicyServiceChain | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceChain | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceInstance (schema)
Wrapper object for PolicyServiceInstance
Child wrapper object for PolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceInstance | PolicyServiceInstance Contains actual PolicyServiceInstance. |
PolicyServiceInstance | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceInstance | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceProfile (schema)
Wrapper object for PolicyServiceProfile
Child wrapper object for PolicyServiceProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceProfile | PolicyServiceProfile Contains actual PolicyServiceProfile. |
PolicyServiceProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTier1MulticastConfig (schema)
Wrapper object for PolicyTier1MulticastConfig
Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTier1MulticastConfig | PolicyTier1MulticastConfig Contains actual PolicyTier1MulticastConfig. |
PolicyTier1MulticastConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTier1MulticastConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTlsConfigProfile (schema)
Wrapper object for PolicyTlsConfigProfile
Child wrapper object for PolicyTlsConfigProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTlsConfigProfile | PolicyTlsConfigProfile Contains the actual PolicyTlsConfigProfile object |
PolicyTlsConfigProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTlsConfigProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTransportZone (schema)
Wrapper object for PolicyTransportZone
Child wrapper object for PolicyTransportZone, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTransportZone | PolicyTransportZone Contains the actual PolicyTransportZone object. |
PolicyTransportZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTransportZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTransportZoneProfile (schema)
Wrapper object for PolicyTransportZoneProfile
Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTransportZoneProfile | PolicyTransportZoneProfile Contains the actual PolicyTransportZoneProfile object. |
PolicyTransportZoneProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTransportZoneProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyUrlCategorizationConfig (schema)
Wrapper object for PolicyUrlCategorizationConfig
Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyUrlCategorizationConfig | URL Categorization Config Contains the actual PolicyUrlCategorizationConfig object |
PolicyUrlCategorizationConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyUrlCategorizationConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortDiscoveryProfileBindingMap (schema)
Wrapper object for PortDiscoveryProfileBindingMap
Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortDiscoveryProfileBindingMap | PortDiscoveryProfileBindingMap Contains the actual PortDiscoveryProfileBindingMap object |
PortDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortMirroringProfile (schema)
Wrapper object for PortMirroringProfile
Child wrapper object for PortMirroringProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortMirroringProfile | PortMirroringProfile Contains the actual PortMirroringProfile object |
PortMirroringProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortMirroringProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortMonitoringProfileBindingMap (schema)
Wrapper object for PortMonitoringProfileBindingMap
Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortMonitoringProfileBindingMap | PortMonitoringProfileBindingMap Contains the actual PortMonitoringProfileBindingMap object |
PortMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortQoSProfileBindingMap (schema)
Wrapper object for PortQoSProfileBindingMap
Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortQoSProfileBindingMap | PortQoSProfileBindingMap Contains the actual PortQoSProfileBindingMap object |
PortQoSProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortQoSProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortSecurityProfileBindingMap (schema)
Wrapper object for PortSecurityProfileBindingMap
Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortSecurityProfileBindingMap | PortSecurityProfileBindingMap Contains the actual PortSecurityProfileBindingMap object |
PortSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPrefixList (schema)
Wrapper object for PrefixList
Child wrapper object for PrefixList, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PrefixList | PrefixList Contains the actual PrefixList object. |
PrefixList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPrefixList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildQoSProfile (schema)
Wrapper object for QoSProfile
Child wrapper object for QoSProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| QoSProfile | QoSProfile Contains the actual QoSProfile object |
QoSProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildQoSProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildReaction (schema)
Wrapper object for Reaction
Child wrapper object for Reaction used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Reaction | Reaction Contains the actual Reaction object. |
Reaction | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildReaction | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildRedirectionPolicy (schema)
Wrapper object for RedirectionPolicy
Child wrapper object for RedirectionPolicy used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| RedirectionPolicy | RedirectionPolicy Contains actual RedirectionPolicy. |
RedirectionPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRedirectionPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildRedirectionRule (schema)
Wrapper object for RedirectionRule
Child wrapper object for ChildRedirectionRule used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| RedirectionRule | RedirectionRule Contains actual RedirectionRule. |
RedirectionRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRedirectionRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildResourceReference (schema)
Represents the reference to ChildPolicyConfigResource
Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildResourceReference | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_type | The target type of this reference | string | Required |
ChildRule (schema)
Wrapper object for Rule
Child wrapper object for Rule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Rule | Rule Contains the actual Rule object |
Rule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSIStatusConfiguration (schema) (Experimental)
Wrapper object for PolicySIStatusConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicySIStatusConfiguration | Contains the actual service insertion status configuration list object.
|
PolicySIStatusConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSIStatusConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSecurityFeatures (schema)
Wrapper object for Security Feature
Child wrapper object for T1 Security Feature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SecurityFeatures | Security configs Contains the actual SecurityFeatures object |
SecurityFeatures | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSecurityFeatures | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSecurityPolicy (schema)
Wrapper object for SecurityPolicy
Child wrapper object for SecurityPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SecurityPolicy | SecurityPolicy Contains the actual SecurityPolicy object |
SecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegment (schema)
Wrapper object for Segment
Child wrapper object for Segment, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Segment | Segment Contains the actual Segment object. |
Segment | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegment | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentDiscoveryProfileBindingMap (schema)
Wrapper object for SegmentDiscoveryProfileBindingMap
Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentDiscoveryProfileBindingMap | SegmentDiscoveryProfileBindingMap Contains the actual SegmentDiscoveryProfileBindingMap object |
SegmentDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentMonitoringProfileBindingMap (schema)
Wrapper object for SegmentMonitoringProfileBindingMap
Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentMonitoringProfileBindingMap | SegmentMonitoringProfileBindingMap Contains the actual SegmentMonitoringProfileBindingMap object |
SegmentMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentPort (schema)
Wrapper object for SegmentPort
Child wrapper object for SegmentPort, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentPort | SegmentPort Contains the actual SegmentPort object |
SegmentPort | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentPort | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentQoSProfileBindingMap (schema)
Wrapper object for SegmentQoSProfileBindingMap
Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentQoSProfileBindingMap | SegmentQoSProfileBindingMap Contains the actual SegmentQoSProfileBindingMap object |
SegmentQoSProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentQoSProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentSecurityProfile (schema)
Wrapper object for SegmentSecurityProfile
Child wrapper object for SegmentSecurityProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentSecurityProfile | SegmentSecurityProfile Contains the actual SegmentSecurityProfile object |
SegmentSecurityProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentSecurityProfileBindingMap (schema)
Wrapper object for SegmentSecurityProfileBindingMap
Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentSecurityProfileBindingMap | SegmentSecurityProfileBindingMap Contains the actual SegmentSecurityProfileBindingMap object |
SegmentSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildService (schema)
Wrapper object for Service
Child wrapper object for Service, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Service | Service Contains the actual Service object. |
Service | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceEntry (schema)
Wrapper object for ServiceEntry
Child wrapper object for ServiceEntry, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Service | ServiceEntry This is a deprecated property, Please use 'ServiceEntry' instead. |
ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Deprecated |
| ServiceEntry | ServiceEntry Contains the actual ServiceEntry object. |
ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceInstanceEndpoint (schema)
Wrapper object for ServiceInstanceEndpoint
Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceInstanceEndpoint | ServiceInstanceEndpoint Contains actual ServiceInstanceEndpoint. |
ServiceInstanceEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceInstanceEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceInterface (schema)
Wrapper object for ServiceInterface
Child wrapper object for ServiceInterface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceInterface | ServiceInterface Contains the actual ServiceInterface object. |
ServiceInterface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceInterface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceReference (schema)
Wrapper object for ServiceReference
Child wrapper object for ServiceReference used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceReference | ServiceReference Contains actual ServiceReference. |
ServiceReference | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceReference | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceSegment (schema)
Wrapper object for SerivceSegment
Child wrapper object for ServiceSegment, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceSegment | ServiceSegments Contains the actual ServiceSegment objects |
ServiceSegment | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceSegment | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSessionTimerProfileBindingMap (schema)
Wrapper object for SessionTimerProfileBindingMap
Child wrapper object for SessionTimerProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SessionTimerProfileBindingMap | SessionTimerProfileBindingMap Contains the actual SessionTimerProfileBindingMap object |
SessionTimerProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSessionTimerProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaDynamicPlugin (schema)
Wrapper object for ShaDynamicPlugin
Child wrapper object for ShaDynamicPlugin, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaDynamicPlugin Contains the actual ShaDynamicPlugin object |
ShaDynamicPlugin | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaDynamicPlugin | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaPluginProfile (schema)
Wrapper object for ShaPluginProfile
Child wrapper object for ShaPluginProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaPluginProfile Contains the actual ShaPluginProfile object |
ShaPluginProfile (Abstract type: pass one of the following concrete types) ShaDynamicPluginProfile ShaPredefinedPluginProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaPluginProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaPredefinedPlugin (schema)
Wrapper object for ShaDynamicPlugin
Child wrapper object for ShaPredefinedPlugin, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaPredefinedPlugin Contains the actual ShaPredefinedPlugin object |
ShaPredefinedPlugin | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaPredefinedPlugin | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSite (schema)
Wrapper object for Site
Child wrapper object for Site, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Site | Site Contains the actual Site object. |
Site | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSite | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSpoofGuardProfile (schema)
Wrapper object for SpoofGuardProfile
Child wrapper object for SpoofGuardProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SpoofGuardProfile | SpoofGuardProfile Contains the actual SpoofGuardProfile object |
SpoofGuardProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSpoofGuardProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStandaloneHostIdfwConfiguration (schema)
Wrapper object for StandaloneHostIdfwConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| StandaloneHostIdfwConfiguration | StandaloneHostIdfwConfiguration Contains the actual standalone host idfw configuration object. |
StandaloneHostIdfwConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStandaloneHostIdfwConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticARPConfig (schema)
Wrapper object for StaticARPConfig
Child wrapper object for StaticARPConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| StaticARPConfig | StaticARPConfig Contains the actual StaticARPConfig object. |
StaticARPConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticARPConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticMimeContent (schema)
Wrapper object for Child Static MIME content
Child wrapper object for Static MIME content, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsProfile | Static Mime Content Contains the actual Static MIME content object. |
StaticMimeContent | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticMimeContent | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticRouteBfdPeer (schema)
Wrapper object for StaticRouteBfdPeer
Child wrapper for StaticRouteBfdPeer, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BfdPeer | Static Route BFD Peer Contains the actual StaticRouteBfdPeer object. |
StaticRouteBfdPeer | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticRouteBfdPeer | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticRoutes (schema)
Wrapper object for StaticRoutes
Child wrapper object for StaticRoutes, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| StaticRoutes | StaticRoutes Contains the actual StaticRoutes object. |
StaticRoutes | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticRoutes | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTagBulkOperation (schema)
Child wrapper object for TagBulkOperation
Child wrapper object for TagBulkOperation, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TagBulkOperation | TagBulkOperation Contains actual TagBulkOperation object. |
TagBulkOperation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTagBulkOperation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0 (schema)
Wrapper object for Tier-0
Child wrapper object for Tier-0, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0 | Tier-0 Contains the actual Tier-0 object. |
Tier0 | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0 | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0DeploymentMap (schema)
Wrapper object for Tier0DeploymentMap
Child wrapper object for Tier0DeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0DeploymentMap | Tier0DeploymentMap Contains the actual Tier0DeploymentMap object. |
Tier0DeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0DeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0Interface (schema)
Wrapper object for Tier0Interface
Child wrapper object for Tier0Interface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0Interface | Tier0Interface Contains the actual Tier0Interface object. |
Tier0Interface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0Interface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0RouteMap (schema)
Wrapper object for Tier0RouteMap
Child wrapper object for Tier0RouteMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0RouteMap | Tier0RouteMap Contains the actual Tier0RouteMap object |
Tier0RouteMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0RouteMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0SecurityFeatures (schema)
Wrapper object for T0 Security Feature
Child wrapper object for T0 Security Feature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0SecurityFeatures | T0 Security configs Contains the actual TO SecurityFeatures object |
Tier0SecurityFeatures | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0SecurityFeatures | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1 (schema)
Wrapper object for Tier-1
Child wrapper object for Tier-1 , used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1 | Tier-1 Contains the actual Tier-1 object. |
Tier1 | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1 | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1DeploymentMap (schema)
Wrapper object for Tier1DeploymentMap
Child wrapper object for Tier1DeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1DeploymentMap | Tier1DeploymentMap Contains the actual Tier1DeploymentMap object. |
Tier1DeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1DeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1Interface (schema)
Wrapper object for Tier1Interface
Child wrapper object for Tier1Interface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1Interface | Tier1Interface Contains the actual Tier1Interface object. |
Tier1Interface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1Interface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsCertificate (schema)
Wrapper object for TlsCertificate
Child wrapper for TlsCertificate, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsCertificate | TlsCertificate Contains the actual TlsCertificate object. |
TlsCertificate | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsCertificate | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsConfigProfileBindingMap (schema)
Wrapper object for TlsConfigProfileBindingMap
Child wrapper object for TlsConfigProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SessionTimerProfileBindingMap | TlsConfigProfileBindingMap Contains the actual TlsConfigProfileBindingMap object |
TlsConfigProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsConfigProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsCrl (schema)
Wrapper object for TlsCrl
Child wrapper for TlsCrl, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsCrl | TlsCrl Contains the actual TlsCrl object. |
TlsCrl | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsCrl | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsPolicy (schema)
Wrapper object for TlsPolicy
Child wrapper object for TLSPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsPolicy | TlsPolicy Contains the actual TLSPolicy object |
TlsPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsProfile (schema)
Wrapper object for Child TLS Profile
Child wrapper object for TLS Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsProfile | TLS Profile Contains the actual TLS profile object. |
TlsProfile (Abstract type: pass one of the following concrete types) TlsInspectionExternalProfile TlsInspectionInternalProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsRule (schema)
Wrapper object for Rule
Child wrapper object for Rule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsRule | TLS Rule Contains the actual TLS Rule object |
TlsRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsTrustData (schema)
Wrapper object for TlsTrustData
Child wrapper for TlsTrustData, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsTrustData | TlsTrustData Contains the actual TlsTrustData object. |
TlsTrustData | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsTrustData | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTraceflowConfig (schema)
Wrapper object for TraceflowConfig
Child wrapper for TraceflowConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TraceflowConfig | TraceflowConfig Contains the actual TraceflowConfig object. |
TraceflowConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTraceflowConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTypesRequestParameter (schema)
Filter to populate child types of the policyConfigResource
Specified child resource types will be populated in the response body
| Name | Description | Type | Notes |
|---|---|---|---|
| base_path | Base Path for retrieving hierarchical intent Base path of the resource for which user wants to retrieve the hierarchy. This should be the fully qualified path for the resource. - Sample examples - base_path=/infra/domains/default/groups/Group1 base_path=/infra/domains/default/security-policies/SecurityPolicy1/rules/Rule1 |
string | |
| filter | Filter string as java regex Filter string, can contain multiple or single java regular expressions separated by ';'. By default populates immediate child resources of the resource indicated by the URL. These child resources will be filtered by the type provided in the filter. It is recommended to use type_filter parameter instead of filter parameter. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to populate all the Group objects under Infra & Domain: filter=Type-Domain%7CGroup - Sample query string to load every policy object under Infra: filter=Type-.* |
string | |
| type_filter | Filter string to retrieve hierarchy. Advanced filter string in which user can directly specify the resourceTypes to be filtered. Can be used in conjunction with base_path. - Sample example of type_filter to load all groups - type_filter=Group - Sample example of multiple type_filter - type_filter=Group;SercurityPolicy;RedirectionPolicy - Sample eaxmple to load all groups in default domain using base_path in conjunction with type_filter - base_path=/infra/domains/default&type_filter=Group |
string |
ChildVMTagReplicationPolicy (schema)
Wrapper object for VMTagReplicationPolicy
Child wrapper object for VMTagReplicationPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| VMTagReplicationPolicy | VMTagReplicationPolicy Contains the actual VMTagReplicationPolicy object |
VMTagReplicationPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVMTagReplicationPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVirtualEndpoint (schema)
Wrapper object for VirtualEndpoint
Child wrapper object for VirtualEndpoint used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| VirtualEndpoint | VirtualEndpoint Contains reference to actual VirtualEndpoint. |
VirtualEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVirtualEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVniPoolConfig (schema)
Wrapper object for VniPoolConfig
Child wrapper object for VniPoolConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| VniPoolConfig | VniPoolConfig Contains the actual VniPoolConfig object. |
VniPoolConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVniPoolConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CidrArrayConstraintValue (schema)
Array of CIDR Values to perform operation
List of CIDR values
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value CidrArrayConstraintValue | string | Required Enum: StringArrayConstraintValue, CidrArrayConstraintValue, IntegerArrayConstraintValue |
| values | Array of IP addresses This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64". |
array of IPElement | Required Minimum items: 1 Maximum items: 100 |
CidrBlock (schema)
IPv4 CIDR Block
Stores information about IPv4 CIDR block.
| Name | Description | Type | Notes |
|---|---|---|---|
| CidrBlock | IPv4 CIDR Block Stores information about IPv4 CIDR block. |
string | Format: ipv4-cidr-block |
CipherSuite (schema)
TLS cipher suite
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Enable status for this cipher suite | boolean | Required |
| name | Name of the TLS cipher suite | string | Required |
ClasslessStaticRoute (schema) (Deprecated)
DHCP classless static route option
DHCP classless static route option.
| Name | Description | Type | Notes |
|---|---|---|---|
| network | Destination in CIDR Destination network in CIDR format. |
IPElement | Required |
| next_hop | Router IP address of next hop of the route. |
IPAddress | Required |
ClearPasswordActionParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | string | Enum: clear_password |
ClientAuthType (schema) (Deprecated)
client authentication mode
Client authentication could be REQUIRED or IGNORE.
REQUIRED means that client is required to present its
certificate to the server for authentication. To be accepted, client
certificate must be signed by one of the trusted Certificate
Authorities (CAs), also referred to as root CAs, whose self signed
certificates are specified in the same client SSL profile binding.
IGNORE means that client certificate would be ignored.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClientAuthType | client authentication mode Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored. |
string | Deprecated Enum: REQUIRED, IGNORE |
ClientSslProfileBinding (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_chain_depth | the maximum traversal depth of client certificate chain authentication depth is used to set the verification depth in the client certificates chain. |
integer | Minimum: 1 Maximum: 2147483647 Default: "3" |
| client_auth | client authentication mode | ClientAuthType | Default: "IGNORE" |
| client_auth_ca_ids | CA identifier list to verify client certificate If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. |
array of string | |
| client_auth_crl_ids | CRL identifier list to verify client certificate A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates. |
array of string | |
| default_certificate_id | default service certificate identifier A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension. |
string | Required |
| sni_certificate_ids | SNI certificate identifier list Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. |
array of string | |
| ssl_profile_id | client SSL profile identifier Client SSL profile defines reusable, application-independent client side SSL properties. |
string |
ClientTypeCollectionConfiguration (schema)
HPM client data collection configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| client_type | Client Type The client type for which this data collection frequency setting applies |
string | Required Enum: HYPERVISOR, EDGE, CONTROL_PLANE, CONTROL_PLANE_PLATFORM, MANAGEMENT_PLANE, MANAGEMENT_PLANE_PLATFORM |
| data_type_configurations | Data type configurations The set of data collection type configurations, one for each data collection type |
array of DataTypeCollectionConfiguration | Required |
CloudAccount (schema)
Cloud Account
Stores information about a cloud account like cloud type and insatnce
statistics.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auth_users | Authrized Users List of authorized users. |
array of CloudUserInfo | Readonly |
| cloud_type | Cloud Type | string | Required Enum: AWS, AZURE, GOOGLE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| instance_stats | Instance statistics Stores statistics of the number of managed, unmanaged and error virtual machines. |
InstanceStats | Readonly |
| last_inventory_sync_date | Last inventory sync date Time when last inventory syncing completed. |
integer | Readonly |
| regions_config | List of regions configuration for the cloud account Configured list of regions to be used for the cloud account. |
RegionListConfig | |
| resource_type | Must be set to the value CloudAccount | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tenant_id | Tenant ID Tenant ID of the cloud account. |
string | Readonly |
CloudAccountStatus (schema)
Cloud Account status
Stores the status of cloud account like credentials validity status and
inventory synchronization status.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| credentials_status | Credentials Status Status of the cloud account credentials synced at the auto interval. |
string | Readonly Enum: VALID, INVALID |
| inventory_sync_status | Inventory Synchronization Status Status of inventory synchronization process. |
string | Readonly Enum: SYNCED, IN_PROGRESS |
CloudErrorDetails (schema)
Cloud Error Details
Stores information about error.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_id | Error ID ID of the error. |
integer | Readonly |
| error_message | Error Message Detailed message about the error. |
string | Readonly |
CloudGatewayPrivateIpAddress (schema)
Private IP address of the gateway
| Name | Description | Type | Notes |
|---|---|---|---|
| gateway_ha_index | Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. | integer | Readonly Minimum: 0 |
| private_ip | Secondary Private IP The secondary Private IP allocated on the gateway's uplink interface. |
string | Readonly Format: ipv4 |
CloudIpAllocationConfig (schema)
Cloud IP Allocation Configuration
Configuration parameters to create IP allocations that will be used for
containers. These containers will be deployed in an Aws Vpc or Azure Vnet.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cloud_account_id | Cloud Account ID ID of the Cloud Account in which the IPs are allocated. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_allocation_mode | IP Allocation Mode PUBLIC_IP: Allocate new public IP. LINK_LOCAL_IP: Allocate new link local IP. |
string | Enum: PUBLIC_IP, LINK_LOCAL_IP Default: "PUBLIC_IP" |
| ip_allocation_type | IP allocation type Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT. |
string | Enum: PAS, NAT Default: "PAS" |
| number_of_allocations | Number of IP allocations required. | integer | Required |
| resource_type | Must be set to the value CloudIpAllocationConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudIpAllocationMapping (schema)
Cloud IP Allocation Mapping
Information about Cloud IP mapping and allocation state.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| allocated_ip | Public/link local IP | string | Readonly Format: ipv4 |
| gateway_private_ips | Secondary Private IP Addresses List of secondary Private IPs allocated on the gateway's uplink interface. |
array of CloudGatewayPrivateIpAddress | Readonly |
CloudIpAllocationMappings (schema)
Cloud IP Allocation Mappings
Information about Cloud IP mappings.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cloud_account_id | Cloud Account ID ID of the Cloud Account in which the IPs are allocated. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_code | Error code for IP allocation failure | integer | Readonly |
| error_message | Error message for IP allocation failure | string | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| ip_allocation_type | IP allocation type Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT. |
string | Readonly Enum: PAS, NAT Default: "PAS" |
| ip_mappings | IP mappings for a foundation. | array of CloudIpAllocationMapping | Readonly |
| ip_operation_status | IP Allocation State Indicates the state of the IP allocation or de-allocation. ALLOCATION_IN_PROGRESS: IP allocation is in progress. DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress. SUCCESSFUL: IP allocation is successful. Successful de-allocation can be confirmed if the status API for this mapping returns a 404 error. FAILED: IP allocation or de-allocation failed. |
string | Readonly Enum: ALLOCATION_IN_PROGRESS, DELETION_IN_PROGRESS, SUCCESSFUL, FAILED |
| resource_type | Must be set to the value CloudIpAllocationMappings | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudNativeDeploymentAction (schema)
Action
Action to be perform on deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Deployment action Action can be deploy or undeploy. DEPLOY - Deploy NSX Application Platform charts. UNDEPLOY - Undeploy NSX Application Platform charts. REDEPLOY - Redeploy NSX Application Platform charts. UPDATE_FORMFACTOR - Upgrade NSX Application Platform charts. REDEPLOY_UPDATE_FORMFACTOR - Retry update NSX Application Platform charts. FORCE_UNDEPLOY - Undeploy forcefully. RESTART - Restart deployment. RESET - Reset deployment. |
string | Required Enum: DEPLOY, UNDEPLOY, REDEPLOY, UPDATE_FORMFACTOR, REDEPLOY_UPDATE_FORMFACTOR, FORCE_UNDEPLOY, RESTART, RESET |
CloudNativeDeploymentConfig (schema)
Common configuration for NSX Application Platform deployments
Configuration for NSX Application Platform deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cluster_id | Kubernetes cluster id Unique id to identify kubernetes guest cluster. |
string | |
| deployment_action | Deployment action Deployment action. |
CloudNativeDeploymentAction | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| kubeconf_info | Kubeconfig info Information about kubeconfig file. |
KubeconfigInfo | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value CloudNativeDeploymentConfig | string | |
| storage_class | Kubernetes storage class Kubernetes storage class |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| version | Deployment version in use Deployment version in use. |
string |
CloudNativeServiceInstance (schema)
Stores the information about cloud native service instance.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External id of cloud native service instance in the system. Id of service instance fetched from public cloud. |
string | Required Readonly |
| resource_type | Must be set to the value CloudNativeServiceInstance | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_type | Type of cloud native service; possible values are ELB, RDS Type of cloud native service. |
string | Required Readonly |
| source | Reference of the public cloud gateway Reference of the public cloud gateway that reported the service instance. |
ResourceReference | Required Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudNativeServiceInstanceListRequestParameters (schema)
Request parameters to get list of cloud native service instances.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| display_name | Display Name of the cloud native service instance Name of cloud native service instance. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| service_type | Type of cloud native service; possible values are ELB, RDS Type of cloud native service. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| source | NSX node id of the public cloud gateway that reported the service instance NSX node id of the public cloud gateway that reported the service instance. |
string |
CloudNativeServiceInstanceListResult (schema)
Stores a list of cloud native service instances and information about them.
NSX supported service instances are currently limited to
Relational Database Service (RDS),Elastic Load Balancing (ELB).
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CloudNativeServiceInstance list results List of cloud native service instances |
array of CloudNativeServiceInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CloudSecurityGroup (schema)
Cloud Security Group
Stores information about a cloud security group.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cloud_tags | Cloud Tags Array of tags associated to a cloud security group. |
array of CloudTag | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| instances_count | Count Of Instances Number of instances associated to cloud security group. |
integer | Readonly |
| is_managed_by_nsx | Is Managed By NSX If the flag is true, the cloud security group is managed by NSX. |
boolean | Readonly |
| region_id | Region ID ID of the cloud region. |
string | Readonly |
| resource_type | Must be set to the value CloudSecurityGroup | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| security_group_id | Security Group ID ID of the cloud security group. |
string | Readonly |
| security_group_name | Security Group Name Name of the cloud security group. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudSecurityGroupRule (schema)
Cloud Security Group Rule
Stores information about a cloud security group rule.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination | Destination Destination corresponding to the cloud security group rule. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| port_range | Port Range Port range corresponding to the cloud security group rule. |
string | Readonly |
| protocol | Protocol Protocol corresponding to the cloud security group rule. |
string | Readonly |
| resource_type | Must be set to the value CloudSecurityGroupRule | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| source | Source Source corresponding to the cloud security group rule. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudServiceEndpoint (schema)
Cloud Service Endpoint
Stores information about any service endpoint which is provided in the
cloud. Example services include the cloud provided equivalent service for
Storage, Database or Load Balancer.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| nsx_security_groups | NSX security groups array Stores an array of NSX security groups associated to this cloud service endpoint. |
array of SecurityGroup | Readonly |
| resource_type | Must be set to the value CloudServiceEndpoint | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_endpoint_id | Service Endpoint ID Cloud provided ID of the service endpoint. |
string | Readonly |
| service_endpoint_type | Service Endpoint Type Cloud provided type of the service endpoint. |
string | Readonly |
| service_name | Service Name Name of the cloud service the endpoint is associated with. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudTag (schema)
Cloud Tag
Stores the key-value pair of cloud tag.
| Name | Description | Type | Notes |
|---|---|---|---|
| key | Tag Key Key of the cloud tag. |
string | Readonly |
| value | Tag Value Value of the cloud tag. |
string | Readonly |
CloudTypeConfig (schema)
Cloud types information
These parameters will be used to display the list of clouds and
whether they are enabled (desired) / disabled (undesired) by the user.
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_type | Cloud Type Name of the cloud vendor. |
string | Readonly Enum: AWS, AZURE, AWS_GOV_US_EAST, AWS_GOV_US_WEST, AZURE_GOV_US |
| enabled | Flag to enable specific cloud-type to be managed by CSM A particular cloud type is configured by the user to be enabled or not in the list of desired cloud types. |
boolean | Required |
CloudTypeConfigList (schema)
Cloud types list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cloud_types | Cloud types list | array of CloudTypeConfig | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CloudTypeInfo (schema)
Cloud Type information
| Name | Description | Type | Notes |
|---|---|---|---|
| cloud_type | Cloud Type Name of the cloud vendor. |
string | Readonly Enum: AWS, AZURE, AWS_GOV_US_EAST, AWS_GOV_US_WEST, AZURE_GOV_US |
CloudUserInfo (schema)
User information
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Display name of the user | string | Readonly |
| id | ID of the user | string | Readonly |
CloudVirtualMachine (schema)
Cloud Virtual Machine Information
Stores information about a Virtual Machine
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_status | Agent Status UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on instance UNKNOWN - NSX Agent status is unknown NEEDS_UPDATE - NSX Agent running on instance needs to be updated |
string | Readonly Enum: UP, DOWN, NO_AGENT, UNKNOWN, NEEDS_UPDATE |
| agent_version | Agent version details | string | Readonly |
| associated_account_ids | Associated Cloud Account IDs Array of associated cloud account IDs. |
array of string | |
| cloud_instance_type | Cloud Instance Type This field represents various type of service instances in cloud. VIRTUAL_MACHINE: Virtual machine deployed in public cloud. AWS_RDS_INSTANCE: Amazon Relational Database Service Instance. AWS_RDS_CLUSTER: Amazon Relational Database Service Cluster. AWS_APPLICATION_ELB_INSTANCE: Amazon Application Elastic LoadBalancer. AWS_CLASSIC_ELB_INSTANCE: Amazon Classic Elastic LoadBalancer. HORIZON_MANAGEMENT: Virtual Machines that are deployed on Microsoft Azure using Horizon Cloud Services(HCS) that are used for managing other instances in the network. This includes, Management VMs, Unified Access Gateway (UAG) VMs, Base VMs. HORIZON_VDI: Virtual Desktop Image (VDI) deployed on Microsoft Azure using Horizon Cloud Services(HCS). |
string | Readonly Enum: VIRTUAL_MACHINE, AWS_RDS_INSTANCE, AWS_RDS_CLUSTER, AWS_APPLICATION_ELB_INSTANCE, AWS_CLASSIC_ELB_INSTANCE, HORIZON_MANAGEMENT, HORIZON_VDI |
| cloud_tags | Cloud tags for the instance | array of CloudTag | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_messages | List of error messages List of error messages identified. Returns only error messages identified in the last 1 hour. |
array of ComputeInstanceErrorMessage | Readonly |
| gateway_ha_index | Gateway HA Index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. |
integer | |
| gateway_status | Gateway Status | string | Readonly Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING, COPYING_IMAGE |
| id | Unique identifier of this resource | string | Sortable |
| is_gateway | Flag to identify if this instance is a gateway node | boolean | Readonly |
| is_gateway_active | Flag to identify if this instance is an active gateway node | boolean | Readonly |
| logical_switch_display_name | Logical Switch display name | string | Readonly |
| logical_switch_id | Logical Switch ID | string | Readonly |
| managed_by_nsx | Indicate if instance is managed by NSX or not | boolean | Required Readonly |
| nsx_failed_rules_count | NSX failed rules count Number of NSX firewall rules failed to realize on cloud for the instance. |
integer | Readonly |
| nsx_ip | IP address provided by NSX | string | Readonly |
| nsx_security_group_mapping | NSX Security Group Mapping Map of cloud security groups associated to the instance and corresponding NSX security groups. |
array of SecurityGroupDetails | Readonly |
| nsx_security_rule_errors | NSX Security Rule Errors DEPRECATED. Array of NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
array of NsxSecurityRuleErrorDetails | Deprecated Readonly |
| nsx_security_rule_errors_count | NSX Security Rule Errors Count DEPRECATED. Count of the NSX security rule realization errors. To get this information call /csm/virtual-machines/ |
integer | Deprecated Readonly |
| nsx_successful_rules_count | NSX successful rules count Number of NSX firewall rules successfully configured for this instance. |
integer | Readonly |
| os_details | Operating system details | string | Readonly |
| os_type | Operating system of the instance | string | Readonly |
| private_ip | Private IP address of the instance | string | Readonly |
| public_ip | Public IP address of the instance | string | Readonly |
| quarantine_state | Quarantine State Indicates the quarantine state of the instance. QUARANTINED - This state implies instance is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies instance is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the instance [DEPRECATED - replaced with USERMANAGED]. USERMANAGED - This state implies that quarantine operation will not be performed on the instance. NOT_APPLICABLE - This state will be populated for agentless instance, Horizon Management instance. |
string | Readonly Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, USERMANAGED, NOT_APPLICABLE |
| resource_type | Must be set to the value CloudVirtualMachine | string | Required Enum: AwsVirtualMachine, AzureVirtualMachine |
| segment_display_name | Segment display name Segment display name on which this instance resides. |
string | Readonly |
| segment_id | Segment ID Segment ID on which this instance resides. |
string | Readonly |
| status | Instance status POWERED_ON - Powered on instance POWERED_OFF - Powered off instance MANAGED_GATEWAY - Instances that are public cloud gateways MANAGED - Instances that are managed by NSX UNMANAGED - Instances that are not managed by NSX or untagged ERRORED - Instances with no NSX Agent connectivity, NSX Agent is down, No NSX Policy configured for Agentless VMs or Error on NSX Policy rule realization. QUARANTINED - Instances which have been quarantined WHITELISTED - Instances which have been whitelisted [DEPRECATED - replaced with USERMANAGED] USERMANAGED - Instances which have been marked as usermanaged. |
string | Readonly Enum: POWERED_ON, POWERED_OFF, UNMANAGED, MANAGED_GATEWAY, MANAGED, ERRORED, QUARANTINED, WHITELISTED, USERMANAGED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| threat_state | Threat State Indicates the threat state of the instance. NORMAL - This state implies no threat has been detected and instance is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either instance is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless instance. |
string | Readonly Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE |
| vm_config_status | Status for user configurable properties | VmConfigStatus | Readonly |
| vm_extension_execution_status | VM extension script execution status UNKNOWN - This is the default state. Indicates no information available regarding extension execution. This can potentially occur for a VM when agent is installed out of band or if cloud_agent_automated_install_enabled flag is enabled for the VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful. This does not necessarily mean agent installation was successful. FAILED - Indicates VM extension script execution failed. |
string | Readonly |
CloudVirtualMachinesListRequestParameters (schema)
Cloud Virtual Machines List Request Parameters
A set of optional filter parameters to list cloud virtual machines
| Name | Description | Type | Notes |
|---|---|---|---|
| account_id | Account ID Optional identifier for account based on which virtual machines are to be filtered |
string | |
| agent_status | Agent Status UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on instance UNKNOWN - NSX Agent status is unknown UPDATE_AVAILABLE - NSX Tools can be upgraded to a newer version that's available NEEDS_UPDATE - NSX Tools running on the instance needs to be updated for proper functioning |
string | Readonly Enum: UP, DOWN, NO_AGENT, UNKNOWN, UPDATE_AVAILABLE, NEEDS_UPDATE |
| cloud_security_group_id | Security Group ID Optional identifier to limit results of VMs associated with the provided cloud security group. For AWS, provide the group id. For Azure, provide the resourceGuid of the Azure security group. |
string | Readonly |
| cloud_type | Cloud Type Optional identifier for cloud provider based on which Virtual Machines are to be filtered |
string | Enum: AWS, AZURE |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| instance_id | Instance ID Optional identifier for virtual machine based on which the list can be filtered |
string | |
| is_gateway | Is the VM a gateway node? Optional identifier based on which only gateway Virtual Machines can be filtered |
boolean | |
| logical_switch_id | Logical Switch ID Optional identifier for logical switch based on which Aws Virtual Machines are to be filtered |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| public_ip | Public IP address of the virtual machine Optional identifier for public IP based on which Virtual Machines are to be filtered |
string | |
| quarantine_state | Quarantine State Identifier for quarantine state based on which Virtual Machines are to be filtered. QUARANTINED - This state implies instance is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies instance is associated with vm_override_sg which overrides any action based on threat detection. |
string | Readonly Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN |
| region_id | Region ID Optional identifier for AWS or Azure region based on which Virtual Machines are to be filtered |
string | |
| resource_type | Resource Type Optional identifier for listing virtual machines of a particular cloud provider. Possible values are in the form of VirtualMachine prefixed by cloud name. For example, AwsVirtualMachine or AzureVirtualMachine. |
string | Enum: AwsVirtualMachine, AzureVirtualMachine |
| segment_id | Segment ID Optional identifier for segment based on which Virtual Machines are to be filtered. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| status_filter | Filter by Virtual machine status POWERED_OFF - Powered off instances. MANAGED - Instances that are managed by NSX or tagged. UNMANAGED - Instances that are not managed by NSX or untagged. ERRORED - Instances with no NSX Tools connectivity, NSX Tools is down, No NSX Policy configured for Native cloud security enforced instances or Error on NSX Policy rule realization. WHITELISTED - Instances which have been marked allowed by NSX [DEPRECATED - replaced with USERMANAGED]. USERMANAGED - Instances which have been marked allowed by NSX. QUARANTINED - Instances that have been quarantined because some threat has been detected. NEEDS_UPDATE - NSX Tools running on instance is out of date and needs to be updated. HORIZON_VDI - Instances on Microsoft Azure that are part of the Horizon Cloud Services (HCS). |
string | Readonly Enum: POWERED_OFF, MANAGED, UNMANAGED, ERRORED, WHITELISTED, USERMANAGED, QUARANTINED, NEEDS_UPDATE, HORIZON_VDI |
| vnet_id | Azure virtual network ID Optional identifier for Azure virtual network based on which Azure Virtual Machines are to be filtered. It consists of resourceGuid of Azure Vnet. |
string | |
| vpc_id | AWS VPC ID Optional identifier for AWS VPC based on which Virtual Machines are to be filtered |
string |
CloudVirtualMachinesListResult (schema)
Cloud Virtual Machines List Result
Stores a list of cloud virtual machines
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of cloud virtual machines |
array of CloudVirtualMachine (Abstract type: pass one of the following concrete types) AwsVirtualMachine AzureVirtualMachine CloudVirtualMachine |
|
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterBackupInfo (schema)
Cluster backup details
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address | IP address or FQDN of the node from which the backup was taken | string | Required Readonly Format: hostname-or-ip |
| node_id | ID of the node from which the backup was taken | string | Required Readonly |
| restore_type | Type of restore allowed | array of string | Readonly Enum: REGULAR_RESTORE, POLICY_ONLY_RESTORE Default: "[]" |
| timestamp | timestamp of the cluster backup file | EpochMsTimestamp | Required Readonly |
ClusterBackupInfoListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of timestamps of backed-up cluster files | array of ClusterBackupInfo | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterCertificateId (schema)
Cluster Certificate ID
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Certificate ID | string | Required |
ClusterConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_id | Unique identifier of this cluster | string | Required Readonly |
| control_cluster_changes_allowed | True if control cluster nodes may be added or removed | boolean | |
| mgmt_cluster_changes_allowed | True if management cluster nodes may be added or removed | boolean | |
| nodes | Configuration of each node in cluster | array of ClusterNodeInfo |
ClusterConfiguration (schema)
Cluster configuration
The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | UUID of the cluster | string | Readonly |
| config_version | Cluster configuration version | integer | Readonly |
| nodes | Nodes in the cluster configuration | array of ClusterNode | Readonly |
ClusterControlPlane (schema)
Cluster Control Plane
Cluster control plane is a hierarchical extension of the NSX-T control plane.
It allows NSX to manage multiple clusters. There is an instance of cluster
control plane in each managed cluster. The cluster control plane is responsible
for the traffic management, span calculation and it can work on its own.
NSX-T central control plane distributes high-level network configurations
like security policies and groups to cluster control planes, and each
cluster control plane computes and realizes the configurations on the managed
cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| certificate | certificate for this cluster control plane This property should be afford in create process. |
string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildAntreaClusterInfo ChildAntreaHeartbeatConfig |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| node_id | Unique Id of the cluster control plane This property is used to identify the cluster control plane in NSX-T. This id should assigned by NSX-T in create process. |
string | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ClusterControlPlane | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| vhc_path | vhc path for this cluster control plane This property should be afford in create process for VHC module requirement. |
string |
ClusterControlPlaneDeleteRequestParameters (schema)
Cluster Control Plane Delete Request Parameters
Cluster Control Plane delete request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cascade | Flag to indicate if force delete cluster references from the firewall security policies. | boolean | Default: "False" |
ClusterControlPlaneListRequestParameters (schema)
Cluster Control Plane List Request Parameters
Cluster Control Plane list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ClusterControlPlaneListResult (schema)
Cluster Control Plane queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster Control Plane Results This property include all cluster control Plane in NSX-T. |
array of ClusterControlPlane | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterGroupMemberStatus (schema)
Status of a group member
This type contains the attributes and status of a group member.
| Name | Description | Type | Notes |
|---|---|---|---|
| member_fqdn | FQDN of the group member | string | Readonly Format: hostname |
| member_ip | IP of the group member | string | Readonly Format: ip |
| member_status | Status of the group member | string | Readonly Enum: UP, DOWN, UNKNOWN |
| member_uuid | UUID of the group member | string | Readonly |
ClusterGroupServiceLeader (schema)
Leader for a service of the group
Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.
| Name | Description | Type | Notes |
|---|---|---|---|
| leader_uuid | Member UUID of the leader | string | Readonly |
| lease_version | Number of times the lease has been renewed | integer | Readonly |
| service_name | Name of the service | string | Readonly |
ClusterGroupStatus (schema)
Status of a group
This type contains the attributes and status of a group.
| Name | Description | Type | Notes |
|---|---|---|---|
| group_id | UUID of the group | string | Readonly |
| group_status | Group status | string | Readonly Enum: STABLE, DEGRADED, UNSTABLE, UNAVAILABLE |
| group_type | Type of the group | string | Readonly Enum: MANAGER, CONTROLLER, POLICY, HTTPS, DATASTORE, CLUSTER_BOOT_MANAGER, GLOBAL_MANAGER, ASYNC_REPLICATOR, MONITORING, IDPS_REPORTING, CORFU_NONCONFIG, CM-INVENTORY, MESSAGING-MANAGER |
| leaders | Array of group leaders and their attributes | array of ClusterGroupServiceLeader | Readonly |
| members | Array of group members and their statuses | array of ClusterGroupMemberStatus | Readonly |
ClusterInitializationNodeInfo (schema)
The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).
| Name | Description | Type | Notes |
|---|---|---|---|
| disk_store_id | The (internal) disk-store ID of the member | string | Readonly |
| host_address | The IP address (or domain name) of the cluster node | string | Readonly |
ClusterMemberDetails (schema)
Group member details
Details of the member belonging to a Group
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | The Antrea cluster id of the pod | string | Required Readonly |
| cluster_name | The Antrea cluster name of the pod | string | Required Readonly |
| namespaces | array of NamespaceMemberDetails | Required |
ClusterNode (schema)
Cluster Node Properties
This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.
| Name | Description | Type | Notes |
|---|---|---|---|
| entities | Entities on the node | array of ClusterNodeEntity | Required |
| node_uuid | UUID of the node | string | Required |
| status | Current clustering status of the node | string | Enum: JOINING, JOINED, REMOVING, REMOVED Default: "REMOVED" |
ClusterNodeConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| appliance_mgmt_listen_addr | The IP and port for the appliance management API service on this node | string | Readonly |
| controller_role | ControllerClusterRoleConfig | ||
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | Internal identifier provided by the node | string | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| manager_role | ManagementClusterRoleConfig | ||
| resource_type | Must be set to the value ClusterNodeConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ClusterNodeConfigListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster node configuration results | array of ClusterNodeConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterNodeEntity (schema)
Cluster Node Entity Properties
NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | Public certificate of the entity in PEM format | string | Required |
| entity_type | Type of the entity | string | Required Enum: MANAGER, CONTROLLER, POLICY, HTTPS, CLUSTER_BOOT_MANAGER, DATASTORE, GLOBAL_MANAGER, ASYNC_REPLICATOR, MONITORING, IDPS_REPORTING, CORFU_NONCONFIG, UPGRADE_COORDINATOR, CM-INVENTORY, MESSAGING-MANAGER |
| entity_uuid | UUID of the entity | string | Required |
| fqdn | Domain name the entity binds to | string | Format: hostname |
| ip_address | IP address the entity binds to | string | |
| port | Port the entity binds to | integer | Minimum: 0 Maximum: 65535 |
| subnet_prefix_length | Subnet mask prefix length of the entity binds to | integer | Minimum: 0 Maximum: 32 |
ClusterNodeInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| api_listen_addr | The IP and port for the public API service on this node | ServiceEndpoint | Readonly |
| appliance_connection_info | The IP, port and certificate for connecting to appliance. | ServiceEndpoint | Readonly |
| certificates | Certificate and thumbprint of all entities | array of NodeCertificateInfo | |
| control_plane_listen_addr | The IP and port for the control plane service on this node | ServiceEndpoint | Readonly |
| display_name | The display name of this node | string | |
| entities | Service endpoint of all entities | array of NodeEntityInfo | |
| fqdn | The fqdn of this node | string | |
| msg_clients | Messaging client of all entities | array of NodeMessagingClientInfo | |
| node_uuid | Unique identifier of this node | string | Required Readonly |
| status | Node clustering status | string | Required Readonly Enum: JOINING, JOINED, REMOVING, REMOVED |
ClusterNodeRole (schema)
Cluster node role
Enumerates the roles that can be specified in VM auto-deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterNodeRole | Cluster node role Enumerates the roles that can be specified in VM auto-deployment. |
string | Enum: CONTROLLER, MANAGER |
ClusterNodeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_status | Clustering status for control plane functions on this node | ControlClusterNodeStatus | Readonly |
| mgmt_cluster_status | Clustering status for management plane functions on this node | ManagementClusterNodeStatus | Readonly |
| system_status | Node status properties | NodeStatusProperties | Readonly |
| version | Software version running on node | string | Readonly |
ClusterNodeVMDeletionParameters (schema)
Parameters for DeleteAutoDeployedClusterNodeVM
Parameters for deletion of a cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| force_delete | Delete by force If true, the VM will be undeployed even if it cannot be removed from its cluster. |
boolean |
ClusterNodeVMDeploymentConfig (schema)
Configuration for deploying cluster node VM
Contains info used to configure the VM on deployment
| Name | Description | Type | Notes |
|---|---|---|---|
| placement_type | Type of deployment Specifies the config for the platform through which to deploy the VM |
string | Required Enum: VsphereClusterNodeVMDeploymentConfig |
ClusterNodeVMDeploymentProgressState (schema)
Deployment progress of node VM
Deployment progress state of node VM. This Object contains name of current deployment step and overall progress percentage.
| Name | Description | Type | Notes |
|---|---|---|---|
| current_step_title | Name of the current step Name of the current running step of deployment |
string | Readonly |
| progress | Progress percentage Overall progress percentage of deployment completed |
integer | Readonly |
ClusterNodeVMDeploymentRequest (schema)
Info for an auto-deployment request
Contains the deployment information for a cluster node VM soon to be
deployed or already deployed by the Manager
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_config | Deployment config for cluster node VM Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM. |
ClusterNodeVMDeploymentConfig (Abstract type: pass one of the following concrete types) ClusterNodeVMDeploymentConfig VsphereClusterNodeVMDeploymentConfig |
Required |
| form_factor | Form factor for cluster node VMs Specifies the desired "size" of the VM |
ClusterNodeVMFormFactor | Default: "MEDIUM" |
| roles | Cluster node roles of the VM List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now. |
array of ClusterNodeRole | Required |
| user_settings | User settings for the VM Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect. |
NodeUserSettings | Required |
| vm_id | ID of VM used to recognize it ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ClusterNodeVMDeploymentRequestList (schema)
ClusterNodeVMDeploymentRequest list
List of ClusterNodeVMDeploymentRequests
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of existing ClusterNodeVMDeploymentRequests |
array of ClusterNodeVMDeploymentRequest | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterNodeVMDeploymentStatusReport (schema)
Report of a VM's deployment status
Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_progress_state | Deployment progress state of node VM Detailed progress state of node VM deployment realization |
VMDeploymentProgressState | Readonly |
| failure_code | Error code for failure In case of auto-deployment-related failure, the code for the error will be stored here. |
integer | |
| failure_message | Error message for failure In case of auto-deployment-related failure, an error message will be stored here. |
string | |
| status | Auto-deployed VM's deployment status Status of the addition or deletion of an auto-deployed cluster node VM. |
string | Required Enum: UNKNOWN_STATE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, WAITING_TO_REGISTER_VM, VM_REGISTRATION_FAILED, VM_WAITING_TO_CLUSTER, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_CLUSTERING_IN_PROGRESS, VM_CLUSTERING_FAILED, VM_CLUSTERING_SUCCESSFUL, WAITING_TO_UNDEPLOY_VM, VM_DECLUSTER_IN_PROGRESS, VM_DECLUSTER_FAILED, VM_DECLUSTER_SUCCESSFUL, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL |
ClusterNodeVMFormFactor (schema)
Supported VM form factor for cluster nodes
Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterNodeVMFormFactor | Supported VM form factor for cluster nodes Specifies the desired "size" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. |
string | Enum: SMALL, MEDIUM, LARGE |
ClusterProfile (schema)
This is an abstract type. Concrete child types:
BridgeHighAvailabilityClusterProfile
EdgeHighAvailabilityProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ClusterProfile | ClusterProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ClusterProfileListParameters (schema)
ClusterProfile List Parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_system_owned | Whether the list result contains system resources | boolean | Default: "True" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_type | Type of cluster profile | ClusterProfileType | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ClusterProfileListResult (schema)
Cluster Profile queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster Profile Results | array of ClusterProfile (Abstract type: pass one of the following concrete types) BridgeHighAvailabilityClusterProfile EdgeHighAvailabilityProfile |
Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterProfileType (schema)
Supported cluster profiles.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterProfileType | Supported cluster profiles. | string | Enum: EdgeHighAvailabilityProfile, BridgeHighAvailabilityClusterProfile |
ClusterProfileTypeIdEntry (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| profile_id | key value | string | Required |
| resource_type | ClusterProfileType |
ClusterRestoreStatus (schema)
Cluster restore status
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_timestamp | Timestamp when backup was initiated in epoch millisecond | EpochMsTimestamp | Readonly |
| endpoints | The list of allowed endpoints, based on the current state of the restore process | array of ResourceLink | Required Readonly |
| id | Unique id for backup request | string | Readonly |
| instructions | Instructions for users to reconcile Restore operations | array of InstructionInfo | Readonly |
| not_allowed_actions | List of actions that are not allowed | array of string | Readonly Enum: VC_UPDATES Default: "[]" |
| restore_end_time | Timestamp when restore was completed in epoch millisecond | EpochMsTimestamp | Readonly |
| restore_start_time | Timestamp when restore was started in epoch millisecond | EpochMsTimestamp | Readonly |
| status | GlobalRestoreStatus | ||
| step | RestoreStep | ||
| total_steps | Total number of steps in the entire restore process | integer | Readonly |
ClusterRestoreStatusRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| restore_component | string | Readonly Enum: LOCAL_MANAGER, GLOBAL_MANAGER Default: "LOCAL_MANAGER" |
ClusterRoleConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type of this role configuration | string | Required Readonly Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig |
ClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Unique identifier of this cluster | string | Readonly |
| control_cluster_status | The current status of the control cluster | ControllerClusterStatus | Deprecated Readonly |
| detailed_cluster_status | Status of all the cluster groups | AllClusterGroupStatus | Readonly |
| mgmt_cluster_status | The current status of the management cluster | ManagementClusterStatus | Deprecated Readonly |
ClusterVirtualIpProperties (schema)
Cluster virtual IP properties
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address | Virtual IP address, 0.0.0.0 if not configured | string | Required |
ClusteringConfig (schema)
Configuration for VM's clustering
Configuration for automatically joining a cluster node to the
cluster after it is deployed. ClusteringConfig is required
if any of the deployment nodes has CONTROLLER role.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_type | Type for the clustering config Specifies the type of clustering config to be used. |
string | Required Enum: ControlClusteringConfig |
ClusteringInfo (schema)
Clustering parameters for the controller cluster
| Name | Description | Type | Notes |
|---|---|---|---|
| join_to_existing_cluster | True If the controller node should join an existing cluster Property to indicate if the node must join an existing cluster. |
boolean | Required |
| shared_secret | Shared Secret of the cluster Shared secret of the cluster. |
string | Required |
ClusteringStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusteringStatus | string | Enum: CONNECTED, DISCONNECTED, UNKNOWN |
ClustersAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_status | Status of all the cluster groups | AllClusterGroupStatus | |
| controller_cluster | Array of Controller Nodes | array of ControllerNodeAggregateInfo | Required |
| management_cluster | Array of Management Nodes | array of ManagementNodeAggregateInfo | Required |
ColumnItem (schema)
Grid Column
Represents a column of the Grid
| Name | Description | Type | Notes |
|---|---|---|---|
| column_identifier | Identifier for this column Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns. |
string | |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. |
string | Maximum length: 255 |
| field | Column Field Field from which values of the column will be derived. |
string | Required Maximum length: 1024 |
| hidden | Hide the column If set to true, hides the column |
boolean | Default: "False" |
| label | Column Label Label of the column. |
Label | Required |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used. |
string | Maximum length: 1024 |
| render_configuration | Render Configuration Render configuration to be applied, if any. |
array of RenderConfiguration | |
| sort_ascending | Represents order of sorting the values If true, the value of the column are sorted in ascending order. Otherwise, in descending order. |
boolean | Default: "True" |
| sort_key | Key for sorting on this column Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested. |
string | Maximum length: 255 |
| tooltip | Multi-line tooltip Multi-line text to be shown on tooltip while hovering over a cell in the grid. |
array of Tooltip | |
| type | Field data type Data type of the field. |
string | Required Enum: String, Number, Date Maximum length: 255 Default: "String" |
CommonAgentEndpointInfo (schema)
NSX Application Platform Kafka/ingress endpoints
An endpoint to connect to Kafka/ingress of the NSX Application Platform.
Either FQDN or IP address can be used in the endpoint info.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | address The IP address or the full qualified domain name of Kafka broker/ingress. |
string | Required Format: hostname-or-ip |
| port | port number The port number where the broker is listening to. |
integer | Minimum: 1 Maximum: 65535 |
CommonAgentHostConfigurationInfo (schema)
NSX Application Platform Common Agent host configuration
NSX Application Platform Common Agent configuration that can be applied to host nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ingress_certificate | Broker certificate A ingress certificate to verify the identity of brokers. |
string | |
| ingress_endpoint | List of NSX Application Platform ingress endpoints List of NSX Application Platform ingress endpoints that host nodes contact initially. |
array of CommonAgentEndpointInfo | |
| kafka_certificate | Broker certificate A Kafka broker certificate to verify the identity of brokers. |
string | |
| kafka_endpoint | List of NSX Application Platform Kafka broker endpoints List of NSX Application Platform broker endpoints that host nodes contact initially. |
array of CommonAgentEndpointInfo | |
| nsx_cluster_id | Cluster id of the NSX Manager cluster Cluster id of the NSX Manager cluster. |
string | |
| private_ip_range | List of private IP prefix List of private IP prefix that NSX Application Platform Common Agent network flow is collected from. |
array of CommonAgentPrivateIpRangeInfo | |
| resource_type | Must be set to the value CommonAgentHostConfigurationInfo | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| truststore | truststore A truststore to establish the trust between NSX and NSX Application Platform. |
string |
CommonAgentPrivateIpRangeInfo (schema)
NSX Application Platform Common Agent private IP prefix
An IP prefix to mark the private network that NSX Application Platform Common Agent
network flow is collected from.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | IP address The prefix of IP address that marks the range of private network. |
IPAddress | Required |
| address_type | IP address type The type of IP address. |
string | Required Enum: IPV4, IPV6 |
| prefix_length | IP prefix length The length of IP address prefix that marks the range of private network. |
integer | Required Minimum: 1 Maximum: 128 |
CommonUploadFile (schema)
To upload kubeconfig or Kubernetes tools
To upload file content example kubeconfig or Kubernetes tools.
| Name | Description | Type | Notes |
|---|---|---|---|
| file | File to upload Kubeconfig or Kubernetes tools file to be imported. |
multipart_file | Required |
CommunicationEntry (schema) (Deprecated)
A communication entry specifies the security policy between the workload groups
A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| action | Action The action to be applied to all the services. |
string | Enum: ALLOW, DROP, REJECT |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_groups | Destination group paths We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| direction | Direction Define direction of traffic. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Flag to disable the rule Flag to disable the rule. Default is enabled. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logged | Enable logging flag Flag to enable packet logging. Default is disabled. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| notes | Text for additional notes on changes Text for additional notes on changes. |
string | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value CommunicationEntry | string | |
| scope | The list of policy paths where the communication entry is applied
Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number of the this CommunicationEntry This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number |
int | |
| services | Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| source_groups | Source group paths We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| tag | Tag applied on the communication entry User level field which will be printed in CLI and packet logs. |
string | Maximum length: 32 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunicationEntryInsertParameters (schema) (Deprecated)
Parameters to tell where communication entry needs to be placed
Parameters to let the admin specify a relative position of a communication
entry w.r.t to another one in the same communication map. If the
communication entry specified in the anchor_path belongs to another
communication map an error will be thrown
This type is deprecated. Use the type RuleInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationEntryListRequestParameters (schema) (Deprecated)
CommunicationEntry list request parameters
This type is deprecated. Use the type RuleListRequestParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CommunicationEntryListResult (schema) (Deprecated)
Paged Collection of CommunicationEntries
This type is deprecated. Use the type RuleListResult instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunicationEntry list results | array of CommunicationEntry | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunicationInsertParameters (schema) (Deprecated)
Parameters to tell where communication map/communication entry
needs to be placed
Parameters to let the admin specify a relative position of a communication
map or communication entry w.r.t to another one.
This type is deprecated. Use the type RuleInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationMap (schema) (Deprecated)
Contains ordered list of CommunicationEntries
Ordered list of CommunicationEntries. This object is created by default
along with the Domain.
This type is deprecated. Use the type SecurityPolicy instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| category | A way to classify a communication map, if needed. - Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are "Emergency", "Infrastructure", "Environment" and "Application". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories. |
string | |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildCommunicationEntry |
|
| communication_entries | CommunicationEntries that are a part of this CommunicationMap | array of CommunicationEntry | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| precedence | Precedence to resolve conflicts across Domains This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence |
int | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value CommunicationMap | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunicationMapInsertParameters (schema) (Deprecated)
Parameters to tell where communication map needs to be placed
Parameters to let the admin specify a relative position of a communication
map w.r.t to another one.
This type is deprecated. Use the type SecurityPolicyInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationMapListRequestParameters (schema) (Deprecated)
CommunicationMap list request parameters
This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CommunicationMapListResult (schema) (Deprecated)
Paged Collection of Communication map
This type is deprecated. Use the type SecurityPolicyListResult instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunicationMap list results | array of CommunicationMap | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunityList (schema)
Community list for BGP routing configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| communities | List of BGP community entries List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported. |
array of string | Required Minimum items: 1 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value CommunityList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunityListListResult (schema)
Paged collection of CommunityLists
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunityList results | array of CommunityList | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunityMatchCriteria (schema)
Match criteria based on a community list
| Name | Description | Type | Notes |
|---|---|---|---|
| criteria | Match criteria based on community list path or a regular expression Match criteria specified as a community list path or a regular expression. |
string | Required |
| match_operator | Match operator for community list entries Match operator for community list entries. Not valid when a regular expression is specified for criteria. |
string | Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_COMMUNITY_REGEX, MATCH_LARGE_COMMUNITY_REGEX |
CommunityMatchExpression (schema)
Community match expression
| Name | Description | Type | Notes |
|---|---|---|---|
| expression | Array of community match operations | array of CommunityMatchOperation | Required |
| operator | Operator Operator for evaluating community match expressions. AND logical AND operator |
string | Readonly Enum: AND |
CommunityMatchOperation (schema)
Community match operation
| Name | Description | Type | Notes |
|---|---|---|---|
| community_list_id | Community list id ID of BGP community list. This value is not required when match_operator is MATCH_REGEX otherwise required. |
string | |
| match_operator | Match operator Match operator for communities from provided community list id. MATCH_ANY will match any community MATCH_ALL will match all communities MATCH_EXACT will do exact match on community MATCH_NONE [operator not supported] will not match any community MATCH_REGEX will match normal communities by evaluating regular expression MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating regular expression |
string | Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE, MATCH_REGEX, MATCH_LARGE_COMMUNITY_REGEX Default: "MATCH_ANY" |
| regular_expression | Regular expression Regular expression to match BGP communities. If match_operator is MATCH_REGEX then this value must be specified. |
string |
ComponentConditionItem (schema)
Antrea Component condition
This indicate component health condition and the reason why not healthy.
| Name | Description | Type | Notes |
|---|---|---|---|
| condition_type | Antrea Component condition type Indicate which component condition it is. |
ComponentConditionType | Readonly |
| last_heartbeat_time | Last heartbeat time Time unit is millisecond. |
EpochMsTimestamp | |
| message | Antrea Component condition message Additional condition information. |
string | |
| reason | Reason of unhealthy status Indicate why not healthy. |
string | |
| status | Component condition status Indicate healthy or unhealthy. |
ConditionStatus |
ComponentConditionType (schema)
Antrea Component condition
Antrea Component condition names collection.
| Name | Description | Type | Notes |
|---|---|---|---|
| ComponentConditionType | Antrea Component condition Antrea Component condition names collection. |
string | Enum: CONTROLLER_HEALTHY, MP_ADAPTER_HEALTHY, MP_CONNECTED, CCP_ADAPTER_HEALTHY, CCP_SESSION_STATE_UP |
ComponentMigrationStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| can_skip | Can the migration of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the migration status | string | Readonly |
| details | Details about the migration status | string | Readonly |
| percent_complete | Indicator of migration progress in percentage | number | Required Readonly |
| status | Migration status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
ComponentStatus (schema)
Antrea Component status
Antrea Component status enum. If lose connection, status will be UNKNOWN
| Name | Description | Type | Notes |
|---|---|---|---|
| ComponentStatus | Antrea Component status Antrea Component status enum. If lose connection, status will be UNKNOWN |
string | Enum: HEALTHY, DEGRADED, FAILED, UNKNOWN |
ComponentTargetVersion (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | string | Required Readonly |
|
| target_version | string | Required Readonly |
ComponentTypeListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component type on which the action is performed or on which the results are filtered | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComponentUpgradeChecksInfo (schema)
Meta-data of pre/post-upgrade checks for a component
Meta-data of pre/post-upgrade checks for a component
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component type Component type of the pre/post-upgrade checks |
string | Required |
| post_upgrade_checks_info | Collection of post-upgrade checks | array of UpgradeCheckInfo | |
| pre_upgrade_checks_info | Collection of pre-upgrade checks | array of UpgradeCheckInfo |
ComponentUpgradeChecksInfoListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Collection of info of pre/post-upgrade checks for components | array of ComponentUpgradeChecksInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComponentUpgradeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| can_rollback | Can perform rollback This field indicates whether we can perform upgrade rollback. |
boolean | Readonly |
| can_skip | Can the upgrade of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the upgrade status | string | Readonly |
| current_version_node_summary | Mapping of current versions of nodes and counts of nodes at the respective versions. | NodeSummaryList | Readonly |
| details | Details about the upgrade status | string | Readonly |
| node_count_at_target_version | Count of nodes at target component version Number of nodes of the type and at the component version |
int | Readonly |
| percent_complete | Indicator of upgrade progress in percentage | number | Required Readonly |
| pre_upgrade_status | Pre-upgrade status of the component-type | UpgradeChecksExecutionStatus | Readonly |
| status | Upgrade status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
| target_component_version | Target component version | string | Readonly |
ComputeClusterIdfwConfiguration (schema)
Compute cluster idfw configuration
Idfw configuration for enable/disable idfw on cluster level.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cluster_idfw_enabled | Idfw enabled flag If set to true, idfw is enabled for this cluster |
boolean | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| member | PolicyResourceReference Contains actual policy resource reference object |
PolicyResourceReference | Required |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ComputeClusterIdfwConfiguration | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ComputeClusterIdfwConfigurationListRequestParameters (schema)
Compute cluster idfw configuration request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeClusterIdfwConfigurationListResult (schema)
Paged collection of compute cluster idfw configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Compute cluster wise identity firewall configuration list results | array of ComputeClusterIdfwConfiguration | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeCollection (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cm_local_id | Local Id of the compute collection in the Compute Manager | string | Required Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC | string | Required Readonly |
| origin_id | Id of the compute manager from where this Compute Collection was discovered | string | Required Readonly |
| origin_properties | Key-Value map of additional specific properties of compute collection in the Compute Manager | array of KeyValuePair | Readonly |
| origin_type | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers | string | Required Readonly |
| owner_id | Id of the owner of compute collection in the Compute Manager | string | Readonly |
| resource_type | Must be set to the value ComputeCollection | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ComputeCollectionAction (schema)
Compute collection action parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Supported actions on compute-collection For Compute collection, the supported actions are: - remove_nsx: removes NSX from the cluster |
string | Enum: remove_nsx |
ComputeCollectionListRequestParameters (schema)
Compute Collection list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cm_local_id | Local Id of the compute collection in the Compute Manager | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| discovered_node_id | Id of the discovered node which belongs to this Compute Collection | string | |
| display_name | Name of the ComputeCollection in source compute manager | string | |
| external_id | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| node_id | Id of the fabric node created from a discovered node belonging to this Compute Collection | string | |
| origin_id | Id of the compute manager from where this Compute Collection was discovered | string | |
| origin_type | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers | string | |
| owner_id | Id of the owner of compute collection in the Compute Manager | string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeCollectionListResult (schema)
Compute Collection list result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Compute Collection list results | array of ComputeCollection | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeCollectionNetworkInterfacesListResult (schema)
ComputeCollection Interfaces List Result
List of network interfaces for all discovered nodes in compute collection
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Discovered node network interfaces List of discovered node with network interfaces |
array of DiscoveredNodeNetworkInterfaces | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeInstanceErrorMessage (schema)
Compute Instance Error Message
Stores an error ID and error message
| Name | Description | Type | Notes |
|---|---|---|---|
| detailed_message | Error details Error message string to indicate, if it is NSX or cloud operation generated error. |
string | Required Readonly |
| error_id | An error ID contract obtained from PCM | integer | Required Readonly |
ComputeManager (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| access_level_for_oidc | Specifies access level to NSX from the compute manager Specifies the maximum access level allowed for calls from compute manager to NSX using the OIDC provider. |
string | Enum: FULL, LIMITED Default: "FULL" |
| create_service_account | Specifies whether service account is created or not on compute manager Enable this flag to create service account user on compute manager. This is required by features such as vSphere Lifecycle Manager for authentication with vAPIs from nsx. |
boolean | Default: "False" |
| credential | Login credentials for the compute manager | LoginCredential (Abstract type: pass one of the following concrete types) LoginCredential SamlTokenLoginCredential SessionLoginCredential UsernamePasswordLoginCredential VerifiableAsymmetricLoginCredential |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| origin_properties | Key-Value map of additional specific properties of compute manager | array of KeyValuePair | Readonly |
| origin_type | Compute manager type like vCenter | string | Required |
| resource_type | Must be set to the value ComputeManager | string | |
| reverse_proxy_https_port | Proxy https port of compute manager Specifies https port of the reverse proxy to connect to compute manager. For e.g. In case of VC, this port can be retrieved from this config file /etc/vmware-rhttpproxy/config.xml. |
integer | Minimum: 1 Maximum: 65535 Default: "443" |
| server | IP address or hostname of compute manager | string | Required Format: hostname-or-ip |
| set_as_oidc_provider | Specifies whether compute manager has been set as OIDC provider If the compute manager is VC and need to set set as OIDC provider for NSX then this flag should be set as true. This is specific to wcp feature, should be enabled when this feature is being used. |
boolean | Default: "False" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ComputeManagerListRequestParameters (schema)
Compute manager list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| origin_type | Compute manager type like vCenter | string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| server | IP address or hostname of compute manager | string | Format: hostname-or-ip |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeManagerListResult (schema)
List of compute managers
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of compute managers | array of ComputeManager | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeManagerStatus (schema)
Runtime status information of the compute manager
| Name | Description | Type | Notes |
|---|---|---|---|
| connection_errors | Errors when connecting with compute manager | array of ErrorInfo | Readonly |
| connection_status | Status of connection with the compute manager | string | Readonly Enum: UP, DOWN, CONNECTING |
| connection_status_details | Details about connection status | string | Readonly |
| last_sync_time | Timestamp of the last successful update of Inventory, in epoch milliseconds. | EpochMsTimestamp | Readonly |
| oidc_end_point_id | Specifies Id of corresponding OidcEndPoint If Compute manager is trusted as authorization server, then this Id will be Id of corresponding oidc end point. |
string | Readonly |
| registration_errors | Errors when registering with compute manager | array of ErrorInfo | Readonly |
| registration_status | Registration status of compute manager | string | Readonly Enum: REGISTERED, UNREGISTERED, REGISTERING, REGISTERED_WITH_ERRORS |
| version | Version of the compute manager | string | Readonly |
ComputeManagerTopology (schema)
Details where NVDS will be migrated to
| Name | Description | Type | Notes |
|---|---|---|---|
| compute_manager_id | Identifier of vcenter where VDS will be created | string | Required |
| dvswitch | Datacenter, VDS mapping | array of VdsTopology | Required |
Condition (schema)
Represents the leaf level condition
Represents the leaf level condition. Evaluation of the condition expression
will be case insensitive.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| key | Key | string | Required Enum: Tag, Name, OSName, ComputerName, NodeType, GroupType |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| member_type | Group member type | string | Required Enum: IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort, Pod, Service, Namespace, TransportNode, Group, DVPG, DVPort |
| operator | operator Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided. |
string | Enum: EQUALS, CONTAINS, STARTSWITH, ENDSWITH, NOTEQUALS, NOTIN |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value Condition | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| scope_operator | operator Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as "|tag" would be evaluated for tag value not for empty scope value. |
string | Enum: EQUALS, NOTEQUALS |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| value | Value | string | Required Minimum length: 1 |
ConditionStatus (schema)
Antrea Component condition status
Antrea Component condition status shared by all component condition.
| Name | Description | Type | Notes |
|---|---|---|---|
| ConditionStatus | Antrea Component condition status Antrea Component condition status shared by all component condition. |
string | Enum: HEALTHY, UNHEALTHY |
ConditionalForwarderZone (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| domain_names | Domain names of a forwarder zone A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet. |
array of string | Required Minimum items: 1 Maximum items: 100 |
| source_ip | Source ip of the forwarder The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used. |
IPv4Address | |
| upstream_servers | Ips of upsteam DNS servers Ip address of the upstream DNS servers the DNS forwarder accesses. |
array of IPv4Address | Required Minimum items: 1 Maximum items: 3 |
ConditionalValueConstraintExpression (schema)
Represents the leaf level conditional value constraint.
Represents the leaf level expression to restrict the target attribute value
based on the set of existing values. Generally, used in combination with
RelatedAttributeConditionalExpression to constraint the values related to
another attribute on the same resource. This object is always used in
conjunction with some exression.
Example -
{
"condition" : {
"operator":"INCLUDES",
"rhs_value": ["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"],
"value_constraint": {
"resource_type": "ValueConstraintExpression",
"operator":"EXCLUDES",
"values":["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"]
}
}
| Name | Description | Type | Notes |
|---|---|---|---|
| operator | Set operation to constraint values. | string | Required Enum: INCLUDES, EXCLUDES, EQUALS |
| rhs_value | Array of values to perform operation. List of values. |
array of string | |
| rhs_value_with_type | Array of values to perform operation. List of values. |
ConstraintValue (Abstract type: pass one of the following concrete types) CidrArrayConstraintValue IntegerArrayConstraintValue StringArrayConstraintValue |
|
| value_constraint | Value Constraint Values to apply the conditional constraint on target. |
ValueConstraintExpression | Required |
ConfigState (schema)
Config State
Configuration State.
| Name | Description | Type | Notes |
|---|---|---|---|
| ConfigState | Config State Configuration State. |
string | Enum: SUCCESS, IN_PROGRESS, ERROR, UNKNOWN, UNINITIALIZED |
ConfigType (schema)
Config Type
| Name | Description | Type | Notes |
|---|---|---|---|
| ConfigType | Config Type | string | Enum: nsxa-state, nsxa-edge-cluster, nsxa-lrouter, nsxa-service-router, nestdb, edge-agent, dataplane, nsd, manager, controller, core |
ConfigurationState (schema)
Describes status of configuration of an entity
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS |
ConfigurationStateElement (schema)
Describes status of configuration of an entity
| Name | Description | Type | Notes |
|---|---|---|---|
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | State of configuration on this sub system | string | Required Readonly Enum: in_progress, success, failed, partial_success, in_sync, VM_DEPLOYMENT_FAILED, VM_POWER_ON_FAILED, VM_POWER_OFF_FAILED, VM_UNDEPLOY_FAILED, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, EDGE_CONFIG_ERROR, REGISTRATION_FAILED, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_NETWORK_EDIT_PENDING, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, NOT_AVAILABLE, REGISTRATION_TIMEDOUT, pending, orphaned, unknown, error |
| sub_system_address | URI of backing resource on sub system | string | Readonly |
| sub_system_id | Identifier of backing resource on sub system | string | Readonly |
| sub_system_name | Name of backing resource on sub system | string | Readonly |
| sub_system_type | Type of backing resource on sub system | string | Readonly |
ConjunctionOperator (schema)
Represents the operators AND or OR
Represents the operators AND or OR.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| conjunction_operator | Conjunction Operator Node | string | Required Enum: OR, AND |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value ConjunctionOperator | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ConnectivityAdvancedConfig (schema)
Advanced configuration for Policy connectivity
| Name | Description | Type | Notes |
|---|---|---|---|
| connectivity | Connectivity configuration Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity. |
string | Enum: ON, OFF Default: "ON" |
ConsolidatedAPIListRequestParameters (schema)
Consolidated effective IP addresses API list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_filter | An IPAddress or subnet for filtering the results. This filter can be used to verify an ip membership in the effective results |
IPElement | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| site_id | UUID of the site from which the effective IP addresses are to be fetched | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ConsolidatedEffectiveIPAddressMemberListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of site wise consolidated effective ip addresses for the given NSGroup | array of EffectiveIPInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ConsolidatedEffectiveIPListRequestParameters (schema)
Consolidated API Realization list request params
List request params for the pass through type api that get data from the
Enforcement point. Enforcement point is mandatory for this request.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point on which the API needs to be executed. Forward slashes must be escaped using %2F. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_filter | An IPAddress or subnet for filtering the results. This filter can be used to verify an ip membership in the effective results |
IPElement | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| site_id | UUID of the site from which the effective IP addresses are to be fetched | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ConsolidatedRealizedStatus (schema)
Consolidated Realized Status for an Intent Object
Consolidated Realized Status of an intent object across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| consolidated_status | Consolidated Realized Status Consolidated Realized Status across enforcement points. |
ConsolidatedStatus | Readonly |
| consolidated_status_per_enforcement_point | List of Consolidated Realized Status per Enforcement Point List of Consolidated Realized Status per enforcement point. |
array of ConsolidatedStatusPerEnforcementPoint | Readonly |
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| intent_version | Intent version for the status Represent highest intent version across all realized objects |
string | Readonly |
| publish_status | Aggregated Realization state of this object | string | Required Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR |
ConsolidatedStatus (schema)
Consolidated Status
Consolidated Status of an intent object. Status Consolidation of an intent happens at
multiple levels:
- Per Enforcement Point: calculation of the consolidated status is performed using all
realized entities that the intent objet maps to on a specific enforcement point.
- Across Enforcement Points: calculation of the consolidated status is performend
aggregating the consolidated status from each enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an intent object. |
ConfigState | Readonly |
ConsolidatedStatusNsxT (schema)
NSX-T Consolidated Status
Detailed Realized Status of an intent object on an NSX-T type of enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforced_status | Enforced Realized Status Detailed Realized Status inherent to an NSX-T Enforcement Point. |
EnforcedStatusDetailsNsxT | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | Must be set to the value ConsolidatedStatusNsxT | string | Required |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
ConsolidatedStatusPerEnforcementPoint (schema)
Consolidated Realized Status Per Enforcement Point
Consolidated Realized Status Per Enforcement Point.
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | Must be set to the value ConsolidatedStatusPerEnforcementPoint | string | Required |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
ConstantFieldValue (schema)
Constant Field Value
Constant Field Value.
| Name | Description | Type | Notes |
|---|---|---|---|
| constant | Constant Value Constant Value that the field must be set to. |
object | |
| resource_type | Must be set to the value ConstantFieldValue | string | Required Enum: ConstantFieldValue |
Constraint (schema)
Constraint definition.
Constraint object to constraint any attribute on a resource based on
specified expression.
Example- Restrict the allowed services in Edge Communication Entry to list of
services, if the destinationGroups contain vCenter.
{
"target":{
"target_resource_type":"CommunicationEntry",
"attribute":"services",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}
"constraint_expression":{
"related_attribute":{
"attribute":"destinationGroups"
}
"condition":{
"operator":"INCLUDES",
"rhs_value":{"vCenter"}
"value_constraint":{
"operator":"ALLOW",
"values":{"/ref/services/HTTPS", "/ref/services/HTTOP", ...}
}
}
}
}
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | subtree for this type within policy tree subtree for this type within policy tree containing nested elements. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| constraint_expression | Expression to constrain the target attribute value. | ConstraintExpression (Abstract type: pass one of the following concrete types) EntityInstanceCountConstraintExpression FieldSanityConstraintExpression RelatedAttributeConditionalExpression ValueConstraintExpression |
Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| message | User friendly message to be shown to users upon violation. | string | |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| resource_type | Must be set to the value Constraint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target | Target resource attribute details. | ConstraintTarget | Required |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ConstraintExpression (schema)
Base class for constraint expression
All the types of the expression extend from this abstract class.
This is present for extensibility.
This is an abstract type. Concrete child types:
EntityInstanceCountConstraintExpression
FieldSanityConstraintExpression
RelatedAttributeConditionalExpression
ValueConstraintExpression
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ConstraintExpression | string | Required Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ConstraintListResult (schema)
Paged Collection of Constraints
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Constraint list results | array of Constraint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ConstraintTarget (schema)
Resource attribute on which constraint should be applied.
Resource attribute on which constraint should be applied.
Example - sourceGroups attribute of Edge CommunicationEntry to be
restricted, is given as:
{
"target_resource_type":"CommunicationEntry",
"attribute":"sourceGroups",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}
| Name | Description | Type | Notes |
|---|---|---|---|
| attribute | Attribute name of the target entity. | string | |
| path_prefix | Path prefix of the entity to apply constraint. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. | string | |
| target_resource_type | Resource type of the target entity. | string | Required |
ConstraintValue (schema)
Base class for each value configuration
All the types of value extend from this abstract class. This
is present for extensibility.
This is an abstract type. Concrete child types:
CidrArrayConstraintValue
IntegerArrayConstraintValue
StringArrayConstraintValue
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | string | Required Enum: StringArrayConstraintValue, CidrArrayConstraintValue, IntegerArrayConstraintValue |
ContainerApplication (schema)
Container application within a project
Container application within a project.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this container application belongs to. |
string | Readonly |
| container_project_id | Identifier of the project Identifier of the project which this container application belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container application Identifier of the container application on container cluster e.g. PCF app id, k8s service id. |
string | Required |
| network_errors | Network errors List of network errors related to container application. |
array of NetworkError | |
| network_status | Network status of container application Network status of container application. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container application in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerApplication | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| status | Status of the container application Status of the container application. |
string | Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerApplicationInstance (schema)
Container Application Instance
Container application instance within a project.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_node_id | Cluster node id Cluster node id where application instance is running. |
string | |
| container_application_ids | Identifiers of the container application List of identifiers of the container application. |
array of string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this application instance belongs to. |
string | Readonly |
| container_project_id | Identifier of the project Identifier of the container project which this container application instance belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container application instance Identifier of the container application instance on container cluster. |
string | Required |
| network_errors | Network errors List of network errors related to container application instance. |
array of NetworkError | |
| network_status | Network status of container application instance Network status of container application instance. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container application instance in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerApplicationInstance | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| status | Status of the container application instance Status of the container application instance. |
string | Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerApplicationInstanceGroupAssociationRequestParams (schema)
List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path
List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| pod_id | ContainerApplicationInstance | string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerApplicationInstanceListRequestParameters (schema)
Container application instance list parameters
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_application_id | Identifier of the container application Identifier of the container application. |
string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| container_project_id | Identifier of the container project Identifier of the container project. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerApplicationInstanceListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Applications | array of ContainerApplicationInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerApplicationListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Applications | array of ContainerApplication | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerCluster (schema)
Container cluster
Details of container cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_type | Type of the container cluster Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request. |
string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, WCP_Guest, AKS, EKS, TKGm, TKGi, GKE, Gardener, Rancher, TAS, Other |
| cni_type | CNI type for container cluster Specifies Container Network Interface type for container cluster. |
string | Enum: NCP, Antrea, Other Default: "Other" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container cluster External identifier of the container cluster. |
string | |
| infrastructure | Details of infrastructure for the container cluster Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request. |
ContainerInfrastructureInfo | |
| network_errors | Network errors List of network errors related to container cluster. |
array of NetworkError | |
| network_status | Network status of container cluster Network status of container cluster. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container cluster in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerCluster | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| supervisor_project_id | Supervisor ContainerProject identifier for cluster Specifies supervisor container project identifier for cluster. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerClusterFilterParameters (schema)
Container cluster filter parameter
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerClusterListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| status | Container cluster status | TnContainerStatusType |
ContainerClusterListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Clusters | array of ContainerCluster | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterNode (schema)
Container cluster node
Details of container cluster node i.e. container host.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cni_agent_status | CNI agent status of container cluster node Specifies Container Network Interface agent status of container cluster node. |
string | Enum: HEALTHY, UNHEALTHY |
| container_cluster_id | External identifier of the container cluster External identifier of the container cluster. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container cluster node External identifier of the container cluster node in K8S/PAS. |
string | Required |
| ip_addresses | IP Addresses of Node List of IP addresses of container cluster node. |
array of IPAddress | |
| network_errors | Network errors List of network errors related to container cluster node. |
array of NetworkError | |
| network_status | Network status of container cluster node Network status of container cluster node. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container cluster node in key-value format. |
array of KeyValuePair | |
| provider_id | Provider id of container node Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine. |
string | |
| resource_type | Must be set to the value ContainerClusterNode | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerClusterNodeListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of container cluster nodes | array of ContainerClusterNode | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterPropertiesFilterParameters (schema)
Container cluster filter parameter by cluster properties
Request object, containing multiple cluster properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_type | Type of container cluster This is the type of container cluster. |
string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, WCP_Guest, AKS, EKS, TKGm, TKGi, GKE, Gardener, Rancher, TAS, Other |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| infra_type | Type of infrastructure This is the type of container's infrastructure. |
string | Enum: vSphere, AWS, Azure, Google, VMC, KVM, Baremetal |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| detail | Detail information on status Detail information on status. |
string | |
| interval | Container cluster status check interval Display the cluster check interval in seconds. |
int | Readonly Minimum: 60 Maximum: 600 |
| status | Container cluster status Display the container cluster status. |
TnContainerStatusType |
ContainerClusterStatusList (schema)
List of the Container cluster
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Container cluster list Container cluster list. |
array of ContainerClusterSummary | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterSummary (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | Required Readonly |
| cluster_name | Container cluster name Display the container cluster name |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| detail | Detail information on status Detail information on status. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ContainerClusterSummary | string | |
| status | Container cluster status Display the container cluster status. |
TnContainerStatusType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Container cluster type Container cluster type. |
ContainerClusterType |
ContainerClusterType (schema)
Container cluster type
| Name | Description | Type | Notes |
|---|---|---|---|
| ContainerClusterType | Container cluster type | string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, Other |
ContainerConfiguration (schema)
Container that holds widgets
Represents a container to group widgets that belong to a common category or have a common purpose.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| header | Header | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| labels | Labels Labels for the container. |
array of Label | Minimum items: 0 |
| layout | Layout of widgets inside container Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied. This property is deprecated. Now the layout inside the container can be taken care with the help of 'rowspan' and 'colspan' property. |
Layout | Deprecated |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. |
string | Maximum length: 1024 |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value ContainerConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
| widgets | Widgets held by the container If not specified, creates an empty container. |
array of WidgetItem | Minimum items: 0 |
ContainerInfrastructureInfo (schema)
Details of container infrastructure
Details of infrastructure hosting the container cluster
e.g. vSphere, AWS, VMC etc..
| Name | Description | Type | Notes |
|---|---|---|---|
| infra_type | Type of the infrastructure Type of the infrastructure. |
string | Required Enum: vSphere, AWS, Azure, Google, VMC, KVM, Baremetal |
ContainerIngressPolicy (schema)
Container Ingress Policy
Details of Container Ingress Policy.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_application_ids | Identifiers of the container application List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes. |
array of string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this ingress policy belongs to. |
string | |
| container_project_id | Identifier of the project Identifier of the project which this container ingress belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container ingress policy Identifier of the container ingress policy. |
string | Required |
| network_errors | Network errors List of network errors related to container ingress. |
array of NetworkError | |
| network_status | Network status of container ingress Network status of container ingress. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container ingress in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerIngressPolicy | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container ingress policy specification Container ingress policy specification. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerIngressPolicyListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Ingress Policy specs | array of ContainerIngressPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerListRequestParameters (schema)
Realization list request params
List request params for the pass through type api that get data from the Antrea Cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Cluster ID ID of the cluster to query |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerNetworkPolicy (schema)
Container Network Policy
Network policy applied to container.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this network policy belongs to. |
string | |
| container_project_id | Identifier of the project Identifier of the project which this network policy belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container network policy Identifier of the container network policy. |
string | Required |
| network_errors | Network errors List of network errors related to container network policy. |
array of NetworkError | |
| network_status | Network status of container network policy Network status of container network policy. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container network policy in key-value format. |
array of KeyValuePair | |
| policy_type | Type Type e.g. Network Policy, ASG. |
string | Enum: NETWORK_POLICY, ASG, ACNP, ANP |
| resource_type | Must be set to the value ContainerNetworkPolicy | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container network policy specification Container network policy specification. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerNetworkPolicyListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Network Policy specs | array of ContainerNetworkPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerObjectsListRequestParameters (schema)
Container objects list parameters
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| container_project_id | Identifier of the container project Identifier of the container project. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerProject (schema)
Container project within a container cluster
Details of org/namespace within a container cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster to which this project/namespace belongs. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container project External identifier of the container project. |
string | Required |
| network_errors | Network errors List of network errors related to container project. |
array of NetworkError | |
| network_status | Network status of container project Network status of container project. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container project in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerProject | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerProjectListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of projects | array of ContainerProject | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContentFilterValue (schema)
Support bundle content filter allowed values
| Name | Description | Type | Notes |
|---|---|---|---|
| ContentFilterValue | Support bundle content filter allowed values | string | Enum: ALL, DEFAULT |
ContextProfileAttributesMetadata (schema)
Key value structure for holding metadata of context profile attributes
| Name | Description | Type | Notes |
|---|---|---|---|
| key | Key for metadata | string | Required |
| value | Value for metadata key | string | Required |
ContinueMigrationRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| skip | Skip to migration of next component. | boolean | Default: "False" |
ContinueRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component to upgrade. Hints NSX to upgrade a specific component. |
string | |
| skip | Skip to upgrade of next component. | boolean | Default: "False" |
ControlClusterNodeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_status | Status of this node's connection to the control cluster | ClusteringStatus | Readonly |
| mgmt_connection_status | Status of this node's management plane connection | MgmtConnStatus | Readonly |
ControlClusteringConfig (schema)
Clustering config for joining control cluster
Config for joining cluster nodes VMs to a control cluster
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_type | Must be set to the value ControlClusteringConfig | string | Required Enum: ControlClusteringConfig |
| join_to_existing_cluster | Flag to identify the type of clustering Specifies whether or not the cluster node VM should try to join to the existing control cluster or initialize a new one. Only required in uncertainty case, i.e. when there are manually- deployed controllers that are registered but not connected to the cluster and no auto-deployed controllers are part of the cluster. |
boolean | |
| shared_secret | Cluster's shared secret Shared secret to be used when joining the cluster node VM to a control cluster or for initializing a new cluster with the VM. Must contain at least 4 unique characters and be at least 6 characters long. |
string | Required |
ControlConnStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_node_ip | IP address of the control Node. | string | Required Readonly |
| failure_status | Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT. | string | Readonly Enum: CONNECTION_REFUSED, INCOMPLETE_HOST_CERT, INCOMPLETE_CONTROLLER_CERT, CONTROLLER_REJECTED_HOST_CERT, HOST_REJECTED_CONTROLLER_CERT, KEEP_ALIVE_TIMEOUT, OTHER_SSL_ERROR, OTHER_ERROR |
| status | Status of the control Node for e.g UP, DOWN. | string | Required Readonly Enum: UP, DOWN |
ControllerClusterRoleConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_listen_addr | The IP and port for the control cluster service on this node | ServiceEndpoint | Readonly |
| control_plane_listen_addr | The IP and port for the control plane service on this node | ServiceEndpoint | Readonly |
| host_msg_client_info | MsgClientInfo | ||
| mpa_msg_client_info | MsgClientInfo | ||
| type | Type of this role configuration | string | Required Readonly Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig |
ControllerClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| status | The current status of the controller cluster | string | Readonly Enum: NO_CONTROLLERS, UNSTABLE, DEGRADED, STABLE, UNKNOWN |
ControllerNodeAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 |
| id | Unique identifier of this resource | string | Readonly |
| node_interface_properties | Array of Node interface statistic properties | array of NodeInterfaceProperties | Readonly |
| node_interface_statistics | Array of Node network interface statistic properties | array of NodeInterfaceStatisticsProperties | Readonly |
| node_status | ClusterNodeStatus | Readonly | |
| node_status_properties | Time series of the node's system properties | array of NodeStatusProperties | |
| role_config | ControllerClusterRoleConfig | Readonly |
ControllerProfilerProperties (schema)
Controller profiler properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| enabled | True for enabling controller profiler,
False for disabling controller profiler. |
boolean |
CookiePersistenceModeType (schema) (Deprecated)
cookie persistence mode
If the persistence cookie is found in the incoming request, value of the
cookie is used to identify the server that this request should be sent to.
If the cookie is not found, then the server selection algorithm is used to
select a new server to handle that request.
Three different modes of cookie persistence are supported: insert, prefix
and rewrite.
In cookie insert mode, a cookie is inserted by load balancer in the HTTP
response going from server to client.
In cookie prefix and rewrite modes, server controls the cookie and load
balancer only manipulates the value of the cookie. In prefix mode, server's
cookie value is prepended with the server IP and port and then sent to the
client. In rewrite mode, entire server's cookie value is replaced with the
server IP and port in the response before sending it to the client.
| Name | Description | Type | Notes |
|---|---|---|---|
| CookiePersistenceModeType | cookie persistence mode If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client. |
string | Deprecated Enum: INSERT, PREFIX, REWRITE |
CookieTimeType (schema) (Deprecated)
Snat translation type
Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting
| Name | Description | Type | Notes |
|---|---|---|---|
| CookieTimeType | Snat translation type Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting |
string | Deprecated Enum: LbSessionCookieTime, LbPersistenceCookieTime |
CopyFromRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| protocol | Protocol to use to copy file | Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol |
Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^[^/:]+$" |
| uri | URI of file to copy | string | Required |
CopyRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| server | Remote server hostname or IP address | string | Required Pattern: "^[^/:]+$" |
| uri | URI of file to copy | string | Required |
CopyToRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| protocol | Protocol to use to copy file Only scp and sftp may be used. |
Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol |
Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^[^/:]+$" |
| uri | URI of file to copy | string | Required |
CpuCoreConfigForEnhancedNetworkingStackSwitch (schema) (Deprecated)
Enhanced Networking Stack CPU configuration
Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.
| Name | Description | Type | Notes |
|---|---|---|---|
| num_lcores | Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node | int | Required Minimum: 1 |
| numa_node_index | Unique index of the Non Uniform Memory Access (NUMA) node | int | Required Minimum: 0 |
CpuStats (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| core | core id CPU id |
string | Readonly |
| cpu_type | cpu type cpu type, one of datapath_core, controlpath_core and service_core |
string | Readonly Enum: datapath_core, controlpath_core, service_core Default: "controlpath_core" |
| crypto | CPU crypto usage CPU crypto usage(pps) |
string | Readonly |
| intercore | CPU intercore usage CPU intercore usage(pps) |
string | Readonly |
| kni | CPU kni usage CPU kni usage(pps) |
string | Readonly |
| packet_processing_usage | Datapath CPU packet processing usage Datapath CPU packet processing usage(%) |
string | Readonly |
| rx | CPU rx usage CPU rx usage(pps) |
string | Readonly |
| slowpath | CPU slowpath usage CPU slowpath usage(pps) |
string | Readonly |
| tx | CPU tx usage CPU tx usage(pps) |
string | Readonly |
| usage | CPU usage CPU usage(%) |
string | Readonly |
CpuUsage (schema)
CPU usage of DPDK and non-DPDK cores
| Name | Description | Type | Notes |
|---|---|---|---|
| avg_cpu_core_usage_dpdk | Average utilization of all DPDK cores Indicates the average usage of all DPDK cores in percentage. |
number | Readonly |
| avg_cpu_core_usage_non_dpdk | Average usage of all non-DPDK cores Indicates the average usage of all non-DPDK cores in percentage. |
number | Readonly |
| highest_cpu_core_usage_dpdk | Highest CPU utilization value among DPDK cores Indicates the highest CPU utilization value among DPDK cores in percentage. |
number | Readonly |
| highest_cpu_core_usage_non_dpdk | Highest CPU utilization value among non-DPDK cores Indicates the highest cpu utilization value among non_dpdk cores in percentage. |
number | Readonly |
CreateRemoteDirectoryProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| protocol | Protocol to use to copy file | SftpProtocol | Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^[^/:]+$" |
| uri | URI of file to copy | string | Required |
Criterion (schema)
Event Criterion
Event Criterion is the logical evaluations by which the event may
be deemed fulfilled. All the evaluations must be met in order for
the criterion to be met (implicit AND).
| Name | Description | Type | Notes |
|---|---|---|---|
| evaluations | Criterion Evaluations Criterion Evaluations. |
array of Evaluation (Abstract type: pass one of the following concrete types) SourceFieldEvaluation |
Required Minimum items: 1 |
Crl (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| crl_type | Type of CRL The type of the CRL. It can be "OneCRL" or "X509" (default). |
string | Enum: OneCRL, X509 Default: "X509" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| details | Details of the X509Crl object. | X509Crl | Readonly |
| details_revoked_by_issuer_and_serial_number | Certificates revoked by issuer and serial number | array of IssuerSerialNumber | Readonly |
| details_revoked_by_subject_and_public_key_hash | Certificates revoked by subject and public key hash | array of SubjectPublicKeyHash | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| one_crl | JSON-encoded OneCRL-like object | string | |
| pem_encoded | PEM encoded CRL data. | string | |
| resource_type | Must be set to the value Crl | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlDistributionPoint (schema)
Reference to a CRL Distribution Point where to fetch a CRL
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cdp_uri | CDP URI CRL Distribution Point URI where to fetch the CRL. |
string | Required Readonly Maximum length: 255 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| issuer | Issuer Issuer of the CRL, referring to the CA. |
string | Required Readonly Maximum length: 255 |
| resource_type | Must be set to the value CrlDistributionPoint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlDistributionPointList (schema)
CrlDistributionPoint query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CrlDistributionPoint list. | array of CrlDistributionPoint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CrlDistributionPointStatus (schema)
Reference to a CRL Distribution Point where to fetch a CRL
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Error Message Error message when fetching the CRL failed. |
string | Readonly |
| status | Status Status of the fetched CRL for this CrlDistributionPoint |
CdpStatusType | Required Readonly |
CrlList (schema)
Crl queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CRL list. | array of Crl | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CrlObjectData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| crl_type | Type of CRL The type of the CRL. It can be "OneCRL" or "X509" (default). |
string | Enum: OneCRL, X509 Default: "X509" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| one_crl | JSON-encoded OneCRL-like object | string | |
| pem_encoded | PEM encoded CRL data. | string | |
| resource_type | Must be set to the value CrlObjectData | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlPemRequestType (schema)
Request Type to get a CRL's PEM file.
| Name | Description | Type | Notes |
|---|---|---|---|
| cdp_uri | CDP URI CRL Distribution Point URI where to fetch the CRL. |
string | Required Readonly Maximum length: 255 |
CrossSiteFlowInfo (schema)
Information about config flow in federation
Represents details of the config flow between sites.
Federation has the following flows
- Global Manager to Local Manager (GM -> LM)
- Local Manager to Glocal Manager (LM -> GM)
- Global Manager Active to Glocal Manager Standby (GM -> GM)
- Local Manager to Local Manager (LM -> LM)
| Name | Description | Type | Notes |
|---|---|---|---|
| from_site_id | Site id of the source | string | |
| from_site_path | Source site policy path | string | |
| full_sync_info | Full sync information for the flow | FullSyncInfo | |
| latency_measured_ts | Timestamp of latency measurement | integer | |
| latency_millis | Latency from source to destination site in milli seconds | integer | |
| status | Overall status of the flow | string | Enum: GOOD, DISCONNECTED, RECOVERY, ERROR, UNKNOWN, NOT_READY |
| to_site_id | Site id of the destination | string | |
| to_site_path | Destination site policy path | string |
CryptoAlgorithm (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| key_size | Supported key sizes for the algorithm. | array of KeySize | Required Readonly |
| name | Crypto algorithm name. | string | Required Readonly |
CryptoEnforcement (schema)
Action for crypto enforcement
If enforced and if TLS protocol Client/Server Hello has none of the
permitted TLS versions or ciphers then the connection is immediately terminated.
| Name | Description | Type | Notes |
|---|---|---|---|
| CryptoEnforcement | Action for crypto enforcement If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated. |
string | Readonly Enum: ENFORCE, TRANSPARENT |
CsmStatus (schema)
Information about status of cloud service manager
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| display_name | Name of the Csm instance | string | Readonly |
| id | UUID of the Csm appliance Identifier of the Csm appliance |
string | Required Readonly |
| ip_address | IP address of Csm instance | string | Readonly |
| managed_by_vmware | Mode of running of Csm instance This property is used only if CSM is running in service mode |
boolean | Readonly |
| supported_clouds | Indication of clouds supported by CSM This property provides the list of names of supported clouds by CSM. |
array of CloudTypeInfo | Required Readonly |
| version | Version of Csm | string | Required Readonly |
CsmSupportedRegions (schema)
Csm supported regions for cloud type
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cloud_type | Type of cloud | string | Readonly Enum: AWS, AZURE, AWS_GOV_US_EAST, AWS_GOV_US_WEST, AZURE_GOV_US |
| supported_regions | Array of supported regions on the type of cloud | array of string | Readonly |
CsmSupportedRegionsListResult (schema)
List of all Csm supported regions per cloud type
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of supported regions per cloud type | array of CsmSupportedRegions | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CsmSystemConfig (schema)
CSM system management configuration information
CSM deploys Gateway (PCG) in the cloud, CSM mgmt IP may or may not be the
same as the IP exposed to PCG. Configuring the IP CIDRs that are exposed
to the PCG (after NAT) would allow CSM to configure cloud gateway security
group to be only accessed via appropriate IP CIDRs.
| Name | Description | Type | Notes |
|---|---|---|---|
| mgmt_ip_config | List of management IP CIDRs. | array of CidrBlock |
CsmVpnEndpoint (schema)
NSX managed CSM VPN endpoint
Details of a CSM VPN endpoint which can either be an AWS VPC or
an Azure VNET managed by NSX
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Display name for the CSM VPN endpoint | string | Required Readonly |
| endpoint_type | Type of endpoint like AWS, Azure or other supported clouds | string | Required Readonly Enum: AWS, AZURE, GOOGLE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| id | Unique identifier for the CSM VPN endpoint | string | Required Readonly |
CsmVpnEndpointsListRequestParameters (schema)
These parameters can be used to filter the list of CSM VPN endpoints.
Multiple parameters can be given as input. Different parameters are implicitly 'AND'ed.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| endpoint_type | Endpoint type based on which the CSM VPN endpoints list is to be filtered | string | Enum: AWS, AZURE, GOOGLE, AZURE_GOV_US, AWS_GOV_US_EAST, AWS_GOV_US_WEST |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CsmVpnEndpointsListResult (schema)
List of NSX managed CSM VPN endpoints
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | NSX managed CSM VPN endpoints | array of CsmVpnEndpoint | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CsmVpnSession (schema)
CSM VPN session details
Details of a CSM VPN session like name, source and destination
endpoints
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_endpoint | Destination endpoint of the CSM VPN session Destination endpoint of the CSM VPN session can be a cloud endpoint like AWS VPC, Azure VNET managed by NSX. |
CsmVpnEndpoint | Required |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value CsmVpnSession | string | |
| source_endpoint | Source endpoint of the CSM VPN session Source endpoint of the CSM VPN session can be a cloud endpoint like AWS VPC, Azure VNET managed by NSX. |
CsmVpnEndpoint | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CsmVpnSessionStatus (schema)
CSM VPN session status and details
Status and details of a CSM VPN session
| Name | Description | Type | Notes |
|---|---|---|---|
| details | CSM VPN session details Details of the CSM VPN session with endpoints and the status of the session. |
CsmVpnSession | Required Readonly |
| state | Realized state of the CSM VPN session | string | Required Readonly Enum: DOWN, UP, IN_PROGRESS |
| status_message | Detailed status message of the CSM VPN session | string | Readonly |
CsmVpnSessionStatusListRequestParameters (schema)
These parameters can be used to filter the list of CSM VPN sessions statuses.
Multiple parameters can be given as input. Different parameters are implicitly 'AND'ed.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| refresh | Flag to fetch the updated list of CSM VPN sessions statuses | boolean | Default: "False" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| state | CSM VPN session realized state based on which the CSM VPN sessions list is to be filtered | string | Enum: DOWN, UP, IN_PROGRESS |
CsmVpnSessionStatusListResult (schema)
CSM VPN sessions status list
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of CSM VPN sessions statuses | array of CsmVpnSessionStatus | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Csr (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| algorithm | Cryptographic algorithm (asymmetric) used by the public key for data encryption. | string | Enum: RSA Default: "RSA" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_ca | Whether the CSR is for a CA certificate. | boolean | Default: "False" |
| key_size | Size measured in bits of the public key used in a cryptographic algorithm. | integer | Default: "4096" |
| pem_encoded | PEM encoded certificate data. | string | Readonly |
| resource_type | Must be set to the value Csr | string | |
| subject | The certificate owner's information. (CN, O, OU, C, ST, L) | Principal | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CsrExt (schema)
Extended certificate signing request body
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp |