NSX-T Data Center REST API

Deprecated Types

The following API types are deprecated in this version. Deprecated types continue to function, but may be removed in a future NSX version.

# *************************************************************************** # Copyright 2020-2024 VMware, Inc. All rights reserved. VMware Confidential. # ***************************************************************************

AddressBindingEntry (schema) (Deprecated)

Combination of IP-MAC-VLAN binding

An address binding entry is a combination of the IP-MAC-VLAN binding for
a logical port. The address bindings can be obtained via various methods
like ARP snooping, DHCP snooping etc. or by user configuration.

Name	Description	Type	Notes
binding	Combination of IP-MAC-VLAN binding	PacketAddressClassifier
binding_timestamp	Timestamp of binding Timestamp at which the binding was discovered via snooping or manually specified by the user	EpochMsTimestamp
source	Address binding source Source from which the address binding entry was obtained	AddressBindingSource	Default: "UNKNOWN"

AddressBindingSource (schema) (Deprecated)

Source from which the address binding is obtained

Name	Description	Type	Notes
AddressBindingSource	Source from which the address binding is obtained	string	Deprecated Enum: INVALID, UNKNOWN, USER_DEFINED, ARP_SNOOPING, DHCP_SNOOPING, VM_TOOLS, ND_SNOOPING, DHCPV6_SNOOPING, VM_TOOLS_V6

AssignedByDhcp (schema) (Deprecated)

DHCP based IP assignment.

This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.

Name	Description	Type	Notes
resource_type	Must be set to the value AssignedByDhcp	string	Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4, FromEsxiVmknic

AttachedInterface (schema) (Deprecated)

Attached interface specification for Bare metal server

The Attached interface is only effective for the port on Bare metal server.

Name	Description	Type	Notes
app_intf_name	The name of application interface	string	Required
default_gateway	Gateway IP	IPAddress
migrate_intf	Interface name to migrate IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP.	string
routing_table	Routing rules	array of string

AttachmentContext (schema) (Deprecated)

This is an abstract type. Concrete child types:
L2VpnAttachmentContext
VifAttachmentContext

Name	Description	Type	Notes
allocate_addresses	A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch.	string	Enum: IpPool, MacPool, Both, None, Dhcp, DhcpV6, SLAAC
resource_type	Used to identify which concrete class it is	string	Required

AttachmentType (schema) (Deprecated)

Type of attachment for logical port.

Name	Description	Type	Notes
AttachmentType	Type of attachment for logical port.	string	Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, L2FORWARDER

AttachmentTypeQueryString (schema) (Deprecated)

Type of attachment for logical port; for query only.

Name	Description	Type	Notes
AttachmentTypeQueryString	Type of attachment for logical port; for query only.	string	Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, NONE

BMSGroupAssociationRequestParams (schema) (Removed in 9.0)

List request parameters containing Physical server external ID and enforcement point path

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
enforcement_point_path	String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.	string
include_mark_for_delete_objects	Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
physical_server_external_id	Physical external ID	string	Required
sort_ascending		boolean
sort_by	Field by which records are sorted	string

BaseHostSwitchProfile (schema) (Deprecated)

This is an abstract type. Concrete child types:
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value BaseHostSwitchProfile	HostSwitchProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

BaseSwitchingProfile (schema) (Deprecated)

This is an abstract type. Concrete child types:
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
QosSwitchingProfile
SpoofGuardSwitchingProfile
SwitchSecuritySwitchingProfile

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value BaseSwitchingProfile	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

BfdHealthMonitoringProfile (schema) (Deprecated)

Profile for BFD health monitoring

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Whether the heartbeat is enabled. A POST or PUT request with "enabled" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value.	boolean	Required
id	Unique identifier of this resource	string	Sortable
latency_enabled	Whether the latency is enabled. The flag is to turn on/off latency. A POST or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.	boolean
probe_interval	The time interval (in millisec) between probe packets for tunnels between transport nodes.	integer	Minimum: 300 Default: "1000"
resource_type	Must be set to the value BfdHealthMonitoringProfile	string	Required Enum: BfdHealthMonitoringProfile
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

BpduFilter (schema) (Deprecated)

BPDU filter configuration

Name	Description	Type	Notes
enabled	Indicates whether BPDU filter is enabled	boolean	Required
white_list	Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering	array of string	Minimum items: 0 Maximum items: 32

BridgeHighAvailabilityClusterProfile (schema) (Deprecated)

Profile for BFD HA cluster setting

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
bfd_probe_interval	the time interval (in millisec) between probe packets for heartbeat purpose	integer	Minimum: 300 Maximum: 60000 Default: "1000"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enable	whether the heartbeat is enabled	boolean	Default: "True"
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value BridgeHighAvailabilityClusterProfile	ClusterProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

CdpStatusType (schema) (Deprecated)

Status types supported of the CrlDistributionPoint

Name	Description	Type	Notes
CdpStatusType	Status types supported of the CrlDistributionPoint	string	Deprecated Enum: NOT_READY, FETCHING, READY, ERROR

ChildCommunicationEntry (schema) (Deprecated)

Wrapper object for CommunicationEntry

Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.

Name	Description	Type	Notes
CommunicationEntry	CommunicationEntry Contains the actual CommunicationEntry object.	CommunicationEntry	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildCommunicationEntry	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildCommunicationMap (schema) (Deprecated)

Wrapper object for CommunicationMap

Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.

Name	Description	Type	Notes
CommunicationMap	CommunicationMap Contains the actual CommunicationMap object.	CommunicationMap	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildCommunicationMap	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildDeploymentZone (schema) (Deprecated)

Wrapper object for DeploymentZone

Child wrapper object for DeploymentZone, used in hierarchical API

Name	Description	Type	Notes
DeploymentZone	DeploymentZone Contains the actual DeploymentZone object	DeploymentZone	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildDeploymentZone	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildL2Vpn (schema) (Deprecated)

Wrapper object for L2Vpn

Child wrapper object for L2Vpn, used in hierarchical API.

Name	Description	Type	Notes
L2Vpn	L2Vpn Contains the actual L2Vpn object.	L2Vpn	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildL2Vpn	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildL2VpnContext (schema) (Deprecated)

Wrapper object for L2VpnContext

Child wrapper object for L2VpnContext, used in hierarchical API.

Name	Description	Type	Notes
L2VpnContext	L2VpnContext Contains the actual L2VpnContext object.	L2VpnContext	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildL2VpnContext	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildL3Vpn (schema) (Deprecated)

Wrapper object for L3Vpn

Child wrapper object for L3Vpn, used in hierarchical API.

Name	Description	Type	Notes
L3Vpn	L3Vpn Contains the actual L3Vpn object.	L3Vpn	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildL3Vpn	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ChildL3VpnContext (schema) (Deprecated)

Wrapper object for L3VpnContext

Child wrapper object for L3VpnContext, used in hierarchical API.

Name	Description	Type	Notes
L3VpnContext	L3VpnContext Contains the actual L3VpnContext object.	L3VpnContext	Required
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mark_for_override	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.	boolean	Default: "False"
request_parameter	Generic type for passing the API request parameters.	PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter
resource_type	Must be set to the value ChildL3VpnContext	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ClasslessStaticRoute (schema) (Deprecated)

DHCP classless static route option

DHCP classless static route option.

Name	Description	Type	Notes
network	Destination in CIDR Destination network in CIDR format.	IPElement	Required
next_hop	Router IP address of next hop of the route.	IPAddress	Required

ClientSslProfileBinding (schema) (Deprecated)

Name	Description	Type	Notes
certificate_chain_depth	the maximum traversal depth of client certificate chain authentication depth is used to set the verification depth in the client certificates chain.	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
client_auth	client authentication mode	ClientAuthType	Default: "IGNORE"
client_auth_ca_ids	CA identifier list to verify client certificate If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.	array of string
client_auth_crl_ids	CRL identifier list to verify client certificate A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.	array of string
default_certificate_id	default service certificate identifier A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.	string	Required
sni_certificate_ids	SNI certificate identifier list Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.	array of string
ssl_profile_id	client SSL profile identifier Client SSL profile defines reusable, application-independent client side SSL properties.	string

ClusterProfileTypeIdEntry (schema) (Deprecated)

Name	Description	Type	Notes
profile_id	key value	string	Required
resource_type		ClusterProfileType

CommunicationEntry (schema) (Deprecated)

A communication entry specifies the security policy between the workload groups

A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
action	Action The action to be applied to all the services.	string	Enum: ALLOW, DROP, REJECT
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
destination_groups	Destination group paths We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.	array of string	Maximum items: 128
direction	Direction Define direction of traffic.	string	Enum: IN, OUT, IN_OUT Default: "IN_OUT"
disabled	Flag to deactivate the rule Flag to deactivate the rule. Default is activated.	boolean	Default: "False"
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
logged	Enable logging flag Flag to enable packet logging. Default is deactivated.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
notes	Text for additional notes on changes Text for additional notes on changes.	string
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value CommunicationEntry	string
scope	The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs.	array of string	Maximum items: 128
sequence_number	Sequence number of the this CommunicationEntry This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number	int
services	Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.	array of string	Maximum items: 128
source_groups	Source group paths We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.	array of string	Maximum items: 128
tag	Tag applied on the communication entry User level field which will be printed in CLI and packet logs.	string	Maximum length: 32
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

CommunicationEntryInsertParameters (schema) (Deprecated)

Parameters to tell where communication entry needs to be placed

Parameters to let the admin specify a relative position of a communication
entry w.r.t to another one in the same communication map. If the
communication entry specified in the anchor_path belongs to another
communication map an error will be thrown
This type is deprecated. Use the type RuleInsertParameters instead.

Name	Description	Type	Notes
anchor_path	The communication map/communication entry path if operation is 'insert_after' or 'insert_before'	string
operation	Operation	string	Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top"

CommunicationEntryListRequestParameters (schema) (Deprecated)

CommunicationEntry list request parameters

This type is deprecated. Use the type RuleListRequestParameters instead.

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
include_mark_for_delete_objects	Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string

CommunicationEntryListResult (schema) (Deprecated)

Paged Collection of CommunicationEntries

This type is deprecated. Use the type RuleListResult instead.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	CommunicationEntry list results	array of CommunicationEntry	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

CommunicationInsertParameters (schema) (Deprecated)

Parameters to tell where communication map/communication entry
needs to be placed

Parameters to let the admin specify a relative position of a communication
map or communication entry w.r.t to another one.
This type is deprecated. Use the type RuleInsertParameters instead.

Name	Description	Type	Notes
anchor_path	The communication map/communication entry path if operation is 'insert_after' or 'insert_before'	string
operation	Operation	string	Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top"

CommunicationMap (schema) (Deprecated)

Contains ordered list of CommunicationEntries

Ordered list of CommunicationEntries. This object is created by default
along with the Domain.
This type is deprecated. Use the type SecurityPolicy instead.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
category	A way to classify a communication map, if needed. - Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are "Emergency", "Infrastructure", "Environment" and "Application". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories.	string
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildCommunicationEntry
communication_entries	CommunicationEntries that are a part of this CommunicationMap	array of CommunicationEntry
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
precedence	Precedence to resolve conflicts across Domains This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence	int
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value CommunicationMap	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

CommunicationMapInsertParameters (schema) (Deprecated)

Parameters to tell where communication map needs to be placed

Parameters to let the admin specify a relative position of a communication
map w.r.t to another one.
This type is deprecated. Use the type SecurityPolicyInsertParameters instead.

Name	Description	Type	Notes
anchor_path	The communication map/communication entry path if operation is 'insert_after' or 'insert_before'	string
operation	Operation	string	Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top"

CommunicationMapListRequestParameters (schema) (Deprecated)

CommunicationMap list request parameters

This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
include_mark_for_delete_objects	Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string

CommunicationMapListResult (schema) (Deprecated)

Paged Collection of Communication map

This type is deprecated. Use the type SecurityPolicyListResult instead.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	CommunicationMap list results	array of CommunicationMap	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

ConditionalForwarderZone (schema) (Deprecated)

Name	Description	Type	Notes
domain_names	Domain names of a forwarder zone A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet.	array of string	Required Minimum items: 1 Maximum items: 100
source_ip	Source ip of the forwarder The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.	IPv4Address
upstream_servers	Ips of upsteam DNS servers Ip address of the upstream DNS servers the DNS forwarder accesses.	array of IPv4Address	Required Minimum items: 1 Maximum items: 3

CookieTimeType (schema) (Deprecated)

Snat translation type

Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting

Name	Description	Type	Notes
CookieTimeType	Snat translation type Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting	string	Deprecated Enum: LbSessionCookieTime, LbPersistenceCookieTime

CpuCoreConfigForEnhancedNetworkingStackSwitch (schema) (Deprecated)

Enhanced Networking Stack CPU configuration

Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.

Name	Description	Type	Notes
num_lcores	Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node	int	Required Minimum: 1
numa_node_index	Unique index of the Non Uniform Memory Access (NUMA) node	int	Required Minimum: 0

CrlDistributionPoint (schema) (Deprecated)

Reference to a CRL Distribution Point where to fetch a CRL

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
cdp_uri	CDP URI CRL Distribution Point URI where to fetch the CRL.	string	Required Readonly Maximum length: 255
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
issuer	Issuer Issuer of the CRL, referring to the CA.	string	Required Readonly Maximum length: 255
resource_type	Must be set to the value CrlDistributionPoint	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

CrlDistributionPointList (schema) (Deprecated)

CrlDistributionPoint query result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	CrlDistributionPoint list.	array of CrlDistributionPoint	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

CrlDistributionPointStatus (schema) (Deprecated)

Reference to a CRL Distribution Point where to fetch a CRL

Name	Description	Type	Notes
error_message	Error Message Error message when fetching the CRL failed.	string	Readonly
status	Status Status of the fetched CRL for this CrlDistributionPoint	CdpStatusType	Required Readonly

CrlPemRequestType (schema) (Deprecated)

Request Type to get a CRL's PEM file.

Name	Description	Type	Notes
cdp_uri	CDP URI CRL Distribution Point URI where to fetch the CRL.	string	Required Readonly Maximum length: 255

DeploymentZone (schema) (Deprecated)

Deployment zone

Logical grouping of enforcement points.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use Site.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildEnforcementPoint
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enforcement_points	Logical grouping of enforcement points	array of EnforcementPoint
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value DeploymentZone	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

DeploymentZoneListRequestParameters (schema) (Deprecated)

DeploymentZone list request parameters

DeploymentZone list request parameters.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListRequestParameters.

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
include_mark_for_delete_objects	Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string

DeploymentZoneListResult (schema) (Deprecated)

Paged Collection of Deployment Zones

Paged Collection of Deployment Zones.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListResult.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Deployment Zones	array of DeploymentZone	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpDeleteLeaseRequestParameters (schema) (Deprecated)

Name	Description	Type	Notes
ip		IPAddress	Required
mac		MACAddress	Required

DhcpFilter (schema) (Deprecated)

DHCP filtering configuration

Name	Description	Type	Notes
client_block_enabled	Indicates whether DHCP client blocking is enabled	boolean	Required
server_block_enabled	Indicates whether DHCP server blocking is enabled	boolean	Required
v6_client_block_enabled	Indiactes whether DHCP v6 client blocking is enabled	boolean	Default: "False"
v6_server_block_enabled	Indiactes whether DHCP V6 server blocking is enabled	boolean	Default: "False"

DhcpIpPool (schema) (Deprecated)

DHCP ip-pool

DHCP ip-pool to define dynamic ip allocation ranges.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
allocation_ranges	Ip-ranges Ip-ranges to define dynamic ip allocation ranges.	array of IpPoolRange	Required
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
error_threshold	Error threshold, valid [80-100], default 100 Error threshold. Alert will be raised if the pool usage reaches the given threshold.	integer	Minimum: 80 Maximum: 100 Default: "100"
gateway_ip	Gateway ip Gateway ip address of the allocation.	IPAddress
id	Unique identifier of this resource	string	Sortable
lease_time	Lease time Lease time, in seconds, [60-(2^32-1)]. Default is 86400.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
options	DHCP options If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.	DhcpOptions
resource_type	Must be set to the value DhcpIpPool	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
warning_threshold	Warning threshold, valid [50-80], default 80 Warning threshold. Alert will be raised if the pool usage reaches the given threshold.	integer	Minimum: 50 Maximum: 80 Default: "80"

DhcpIpPoolListResult (schema) (Deprecated)

A list of DHCP ip pools

A paginated list of DHCP ip pools.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP ip pools A paginated list of DHCP ip pools.	array of DhcpIpPool	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpIpPoolUsage (schema) (Deprecated)

Name	Description	Type
allocated_number	allocated number. COULD BE INACCURATE, REFERENCE ONLY.	integer
allocated_percentage	allocated percentage. COULD BE INACCURATE, REFERENCE ONLY.	integer
consumed_number	Consumed Number The consumed number is intended to display the total number of IP addresses consumed by DHCP clients. However, it may not always reflect an accurate count due to the asynchronous running DHCP data path.	integer
dhcp_ip_pool_id	uuid of dhcp ip pool	string
pool_size	pool size	integer

DhcpLeaseRequestParameters (schema) (Deprecated)

Name	Description	Type
address	can be an ip address, or an ip range, or a mac address	string
pool_id	The uuid of dhcp ip pool	string
source	The data source, either realtime or cached. If not provided, cached data is returned.	DataSourceType

DhcpOption121 (schema) (Deprecated)

DHCP option 121

DHCP option 121 to define classless static route.

Name	Description	Type	Notes
static_routes	DHCP classless static routes Classless static route of DHCP option 121.	array of ClasslessStaticRoute	Required Minimum items: 1 Maximum items: 27

DhcpOptions (schema) (Deprecated)

DHCP options

Define DHCP options of the DHCP service.

Name	Description	Type	Notes
option121	Option 121 DHCP option 121 to define classless static routes. Once Option 121 was defined, Option 249 will be auto-generated because they are equivalent.	DhcpOption121
others	Generic DHCP options other than option 121 To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. Option code 3, 6, 12, 51 should be configured as properties. -------------------------- Code Name -------------------------- 2 Time Offset 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time	array of GenericDhcpOption	Minimum items: 0 Maximum items: 255

DhcpProfile (schema) (Deprecated)

DHCP profile to specify edge cluster and members

DHCP profile to specify edge cluster and members on which the dhcp server
will run. A DhcpProfile can be referenced by different logical DHCP servers.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
edge_cluster_id	Edge cluster uuid Edge cluster uuid on which the referencing logical DHCP server runs.	string	Required
edge_cluster_member_indexes	Edge node indexes The Edge nodes on which the DHCP servers run. If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If only one edge node is provided, the DHCP servers will run without HA support.	array of integer	Minimum items: 0 Maximum items: 2
enable_standby_relocation	Flag to enable standby DHCP server relocation Flag to enable the auto-relocation of standby DHCP Service in case of edge node failure. Only tier 1 and auto placed DHCP servers are considered for the relocation.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value DhcpProfile	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpProfileListResult (schema) (Deprecated)

A list of DHCP profiles

A paginated list of DHCP profiles.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP profiles A paginated list of logical DHCP profiles.	array of DhcpProfile	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpRelayProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value DhcpRelayProfile	string
server_addresses		array of IPAddress	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpRelayProfileListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Dhcp relay profile list results	array of DhcpRelayProfile	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpRelayService (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
dhcp_relay_profile_id	dhcp relay profile referenced by the dhcp relay service	string	Required
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value DhcpRelayService	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpRelayServiceListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Dhcp relay service list results	array of DhcpRelayService	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpServerStatus (schema) (Deprecated)

Name	Description	Type	Notes
active_node	uuid of active transport node	string
error_message	Error message, if available	string
service_status	UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down.	string	Enum: UP, DOWN, ERROR, NO_STANDBY
stand_by_node	uuid of stand_by transport node. null if non-HA mode	string

DhcpStaticBinding (schema) (Deprecated)

DHCP static binding

DHCP static binding to define a static ip allocation.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
gateway_ip	Gateway ip Gateway ip address of the allocation.	IPAddress
host_name	Host name The host name to be assigned to the host.	string	Format: hostname
id	Unique identifier of this resource	string	Sortable
ip_address	Ip address The ip address to be assigned to the host.	IPAddress	Required
lease_time	Lease time Lease time, in seconds, [60-(2^32-1)]. Default is 86400.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
mac_address	MAC address The MAC address of the host.	MACAddress	Required
options	DHCP options If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.	DhcpOptions
resource_type	Must be set to the value DhcpStaticBinding	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpStaticBindingListResult (schema) (Deprecated)

A list of DHCP static bindings

A paginated list of DHCP static bindings.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP static bindings A paginated list of DHCP static bindings.	array of DhcpStaticBinding	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpStatistics (schema) (Deprecated)

Name	Description	Type
acks	The total number of DHCP ACK packets	integer
declines	The total number of DHCP DECLINE packets	integer
dhcp_server_id	dhcp server uuid	string
discovers	The total number of DHCP DISCOVER packets	integer
errors	The total number of DHCP errors	integer
informs	The total number of DHCP INFORM packets	integer
ip_pool_stats	The DHCP ip pool usage statistics	array of DhcpIpPoolUsage
nacks	The total number of DHCP NACK packets	integer
offers	The total number of DHCP OFFER packets	integer
releases	The total number of DHCP RELEASE packets	integer
requests	The total number of DHCP REQUEST packets	integer
timestamp	timestamp of the statistics	EpochMsTimestamp

DhcpV6InfoBase (schema) (Deprecated)

Base type of IPv6 ip-allocation

Base type of IPv6 ip-allocation extended by ip-pool and static-binding.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dns_nameservers	DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.	array of IPv6Address	Minimum items: 0 Maximum items: 2
domain_names	Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.	array of string
id	Unique identifier of this resource	string	Sortable
lease_time	Lease time Lease time, in seconds.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
preferred_time	Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.	integer	Minimum: 48 Maximum: 4294967295
resource_type	Must be set to the value DhcpV6InfoBase	string
sntp_servers	SNTP server ips SNTP server ips.	array of IPv6Address	Minimum items: 0 Maximum items: 2
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpV6IpPool (schema) (Deprecated)

DHCP IPv6 ip pool

DHCP IPv6 ip pool to define dynamic ip allocation ranges.
The DhcpV6IpPool would only provide stateless DHCP (domain search list,
DNS servers, SNTP servers) to client if both the ranges and excluded_ranges
are not specified.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dns_nameservers	DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.	array of IPv6Address	Minimum items: 0 Maximum items: 2
domain_names	Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.	array of string
excluded_ranges	Excluded range of IPv6 addresses Excluded addresses to define dynamic ip allocation ranges.	array of IpPoolRange	Minimum items: 0 Maximum items: 128
id	Unique identifier of this resource	string	Sortable
lease_time	Lease time Lease time, in seconds.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
preferred_time	Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.	integer	Minimum: 48 Maximum: 4294967295
ranges	Ip address ranges Ip address ranges to define dynamic ip allocation ranges.	array of IpPoolRange	Minimum items: 0 Maximum items: 128
resource_type	Must be set to the value DhcpV6IpPool	string
sntp_servers	SNTP server ips SNTP server ips.	array of IPv6Address	Minimum items: 0 Maximum items: 2
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpV6IpPoolListResult (schema) (Deprecated)

A list of DHCP IPv6 ip pools

A paginated list of DHCP IPv6 ip pools.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP IPv6 ip pools A paginated list of DHCP IPv6 ip pools.	array of DhcpV6IpPool
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DhcpV6StaticBinding (schema) (Deprecated)

DHCP IPv6 static binding

DHCP IPv6 static binding to define a static ip allocation.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dns_nameservers	DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.	array of IPv6Address	Minimum items: 0 Maximum items: 2
domain_names	Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.	array of string
id	Unique identifier of this resource	string	Sortable
ip_addresses	Ip address list When not specified, no ip address will be assigned to client host.	array of IPv6Address	Minimum items: 0 Maximum items: 1
lease_time	Lease time Lease time, in seconds.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
mac_address	MAC address The MAC address of the host. Either client-duid or mac-address, but not both.	MACAddress
preferred_time	Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.	integer	Minimum: 48 Maximum: 4294967295
resource_type	Must be set to the value DhcpV6StaticBinding	string
sntp_servers	SNTP server ips SNTP server ips.	array of IPv6Address	Minimum items: 0 Maximum items: 2
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DhcpV6StaticBindingListResult (schema) (Deprecated)

A list of DHCP IPv6 static bindings

A paginated list of DHCP IPv6 static bindings.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP IPv6 static bindings A paginated list of DHCP IPv6 static bindings.	array of DhcpV6StaticBinding
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DirectionType (schema) (Deprecated)

port mirroring direction

Name	Description	Type	Notes
DirectionType	port mirroring direction	string	Deprecated Enum: INGRESS, EGRESS, BIDIRECTIONAL Default: "BIDIRECTIONAL"

DnsAnswer (schema) (Deprecated)

Answer of dns nslookup

The response for DNS nslookup.

Name	Description	Type	Notes
answers	The answers of the query. The answers of the query.	array of DnsQueryAnswer	Minimum items: 1 Maximum items: 256
dns_server	DNS server information Dns server ip address and port, format is "ip address#port".	string	Required
edge_node_id	Edge node id ID of the edge node that performed the query.	string	Required
raw_answer	Raw message returned from the DNS forwarder It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.	string
source_ip	The source ip used in this lookup The source ip used in this lookup.	IPv4Address	Required
authoritative_answers	Authoritative answers Authotitative answers of the query. This is a deprecated property, please use 'answers' instead.	array of DnsQueryAnswer	Deprecated Minimum items: 1 Maximum items: 256
non_authoritative_answers	Non authoritative answers Non-authotitative answers of the query. This is a deprecated property, please use 'answers' instead.	array of DnsQueryAnswer	Deprecated Minimum items: 1 Maximum items: 256

DnsFailedQueryRequestParameters (schema) (Deprecated)

The request parameters to get failed DNS queries

To specify how many failed DNS queries will be returned.

Name	Description	Type	Notes
count	The count of the failed DNS queries How many failed DNS queries should be returned.	integer	Minimum: 1 Maximum: 1000 Default: "100"

DnsForwarder (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
cache_size	Cache size in KB One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache size can cache ~8 DNS answer entries, and the default 1024 KB cache size can hold ~8k DNS answer entries.	int	Minimum: 1 Maximum: 16777216 Default: "1024"
conditional_forwarders	Conditional zone forwarders The conditional zone forwarders. During matching a zone forwarder, the DNS forwarder will use the conditional fowarder with the longest domain name that matches the query.	array of ConditionalForwarderZone	Maximum items: 5
default_forwarder	Default zone forwarder The default zone forwarder that catches all other domain names except those matched by conditional forwarder zone.	ForwarderZone	Required
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Flag to enable/disable the forwarder	boolean	Default: "True"
id	Unique identifier of this resource	string	Sortable
listener_ip	Listener ip address The ip address the DNS forwarder listens on. It can be an ip address already owned by the logical-router uplink port or router-link, or a loopback port ip address. But it can not be a downlink port address. User needs to ensure the address is reachable via router or NAT from both client VMs and upstream servers. User will need to create Firewall rules if needed to allow such traffic on a Tier-1 or Tier-0.	IPv4Address	Required
log_level	Log level of the DNS forwarder	string	Enum: DEBUG, INFO, WARNING, ERROR, FATAL Default: "INFO"
logical_router_id	Logical router id Specify the LogicalRouter where the DnsForwarder runs. The HA mode of the hosting LogicalRouter must be Active/Standby.	string	Required
resource_type	Must be set to the value DnsForwarder	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DnsForwarderListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DNS forwarders	array of DnsForwarder	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

DnsForwarderStatistics (schema) (Deprecated)

Statistics counters of the DNS forwarder

The current statistics counters of the DNS forwarder including cache usages
and query numbers per forwarders.

Name	Description	Type	Notes
conditional_forwarder_statistics	The statistics of conditional forwarders	array of PerForwarderStatistics	Readonly Minimum items: 0 Maximum items: 5
configured_cache_size	The configured cache size, in kb	integer	Readonly
default_forwarder_statistics	The statistics of default forwarder	PerForwarderStatistics	Readonly
error_message	Error message, if available	string	Readonly
queries_answered_locally	The totocal number of queries answered from local cache	integer	Readonly
queries_forwarded	The total number of forwarded dns queries	integer	Readonly
timestamp	Time stamp of the current statistics, in ms	EpochMsTimestamp	Readonly
total_queries	The total number of received dns queries	integer	Readonly
used_cache_statistics	The statistics of used cache	array of PerNodeUsedCacheStatistics	Readonly Minimum items: 0 Maximum items: 2

DnsForwarderStatus (schema) (Deprecated)

The current runtime status of DNS forwarder

The current runtime status of the DNS forwarder including the hosting
transport nodes and forwarder service status.

Name	Description	Type	Notes
active_node	Uuid of active transport node	string	Readonly
extra_message	Extra message, if available	string	Readonly
standby_node	Uuid of stand_by transport node. null if non-HA mode	string	Readonly
status	UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The dns forwarder may be working (or not working). NO_BACKUP means dns forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.	string	Readonly Enum: UP, DOWN, ERROR, NO_BACKUP
timestamp	Time stamp of the current status, in ms	EpochMsTimestamp	Readonly

DnsQueryAnswer (schema) (Deprecated)

Answer of nslookup

Name	Description	Type
address	Matched ip address Can be resolved ip address.	string
name	Matched name Matched name of the given address.	string
raw_string	Unparsed answer string Unparsed answer string from raw_answer.	string

Dscp (schema) (Deprecated)

One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer

Dscp value is ignored in case of 'TRUSTED' DscpMode.

Name	Description	Type	Notes
mode		DscpMode
priority	Internal Forwarding Priority	int	Minimum: 0 Maximum: 63 Default: "0"

DscpMode (schema) (Deprecated)

Trust settings

Name	Description	Type	Notes
DscpMode	Trust settings	string	Deprecated Enum: TRUSTED, UNTRUSTED Default: "TRUSTED"

DuplicateAddressBindingEntry (schema) (Deprecated)

Duplicate address binding information

Name	Description	Type	Notes
binding	Combination of IP-MAC-VLAN binding	PacketAddressClassifier
binding_timestamp	Timestamp of binding Timestamp at which the binding was discovered via snooping or manually specified by the user	EpochMsTimestamp
conflicting_port	ID of logical port with the same address binding Provides the ID of the port on which the same address bidning exists	string
source	Address binding source Source from which the address binding entry was obtained	AddressBindingSource	Default: "UNKNOWN"

DuplicateIPDetection (schema) (Deprecated)

Duplicate IP detection and control

Name	Description	Type	Notes
duplicate_ip_detection_enabled	Indicates whether duplicate IP detection should be enabled	boolean	Default: "False"

EdgeHighAvailabilityProfile (schema) (Deprecated)

Profile for BFD HA cluster setting

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
bfd_allowed_hops	BFD allowed hops	integer	Minimum: 1 Maximum: 255 Default: "255"
bfd_declare_dead_multiple	Number of times a packet is missed before BFD declares the neighbor down.	integer	Minimum: 2 Maximum: 16 Default: "3"
bfd_probe_interval	the time interval (in millisec) between probe packets for heartbeat purpose	integer	Minimum: 50 Maximum: 60000 Default: "500"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value EdgeHighAvailabilityProfile	ClusterProfileType	Required
standby_relocation_config	Standby service contexts relocation setting	StandbyRelocationConfig
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

EgressRateShaper (schema) (Deprecated)

A shaper that specifies egress rate properties in Mb/s

Name	Description	Type	Notes
average_bandwidth_mbps	Average bandwidth in Mb/s	int	Minimum: 0 Default: "0"
burst_size_bytes	Burst size in bytes	int	Minimum: 0 Default: "0"
enabled		boolean	Required
peak_bandwidth_mbps	Peak bandwidth in Mb/s	int	Minimum: 0 Default: "0"
resource_type	Must be set to the value EgressRateShaper	string	Required Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper Default: "IngressRateShaper"

ExtraConfig (schema) (Deprecated)

Vendor specific configuration on logical switch or logical port

Extra config is intended for supporting vendor specific configuration on the
data path, it can be set as key value string pairs on either logical switch
or logical port.
If it was set on logical switch, it will be inherited automatically by logical
ports in it. Also logical port setting will override logical switch setting
if specific key was dual set on both logical switch and logical port.

Name	Description	Type	Notes
config_pair	Key value pair in string for the configuration	UnboundedKeyValuePair	Required

ExtraConfigHostSwitchProfile (schema) (Deprecated)

Profile for extra configs in host switch

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
extra_configs	list of extra configs	array of ExtraConfig
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value ExtraConfigHostSwitchProfile	HostSwitchProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

ForwarderZone (schema) (Deprecated)

Name	Description	Type	Notes
source_ip	Source ip of the forwarder The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.	IPv4Address
upstream_servers	Ips of upsteam DNS servers Ip address of the upstream DNS servers the DNS forwarder accesses.	array of IPv4Address	Required Minimum items: 1 Maximum items: 3

GenericDhcpOption (schema) (Deprecated)

Generic DHCP option

Define DHCP options other than option 121.

Name	Description	Type	Notes
code	DHCP option code, [0-255] Code of the dhcp option.	integer	Required Minimum: 0 Maximum: 255
values	DHCP option value Value of the option.	array of string	Required Minimum items: 1 Maximum items: 10

GroupDeleteRequestParameters (schema) (Deprecated)

Group delete request parameters

Name	Description	Type	Notes
fail_if_subtree_exists	Do not delete if the group subtree has any entities Check if the group sub-tree has any entities. These primarily include the binding maps that point to various profiles. If this flag is passed as true, the group delete fails if any binding maps exist in the group sub-tree. By default, this flag is false, which means that the group is deleted along with the group sub-tree.	boolean	Default: "False"
force	Force delete the resource even if it is being used somewhere If true, deleting the resource succeeds even if it is being referred as a resource reference.	boolean	Default: "False"

HostInfraTrafficType (schema) (Deprecated)

Enumerate all types of traffic

The traffic_name specifies the infrastructure traffic type and it
must be one of the following system-defined types:
FAULT_TOLERANCE is traffic for failover and recovery.
HBR is traffic for Host based replication.
ISCSI is traffic for Internet Small Computer System Interface.
MANAGEMENT is traffic for host management.
NFS is traffic related to file transfer in network file system.
VDP is traffic for vSphere data protection.
VIRTUAL_MACHINE is traffic generated by virtual machines.
VMOTION is traffic for computing resource migration.
VSAN is traffic generated by virtual storage area network.
The dynamic_res_pool_name provides a name for the resource pool.
It can be any arbitrary string.
Either traffic_name or dynamic_res_pool_name must be set.
If both are specified or omitted, an error will be returned.

Name	Description	Type	Notes
dynamic_res_pool_name	Dynamic resource pool traffic name	string
traffic_name	Traffic types	string	Enum: FAULT_TOLERANCE, HBR, ISCSI, MANAGEMENT, NFS, VDP, VIRTUAL_MACHINE, VMOTION, VSAN

HostSwitchInfo (schema) (Deprecated)

Information of host switch participating in transport zone

Name	Description	Type	Notes
host_switch_id	Unique ID of a host switch	string	Required Readonly
host_switch_mode	Mode of host switch	string	Required Readonly Enum: STANDARD, ENS, ENS_INTERRUPT, LEGACY
host_switch_name	Name of a host switch	string	Required Readonly
host_switch_type	Type of a host switch	string	Required Readonly Enum: NVDS, VDS

HostSwitchProfileListParameters (schema) (Deprecated)

HostSwitchProfile List Parameters

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
deployment_type	Deployment type of EdgeNode or PublicCloudGatewayNode If the node_type is specified, then deployment_type may be specified to filter uplink profiles applicable to only PHYSICAL_MACHINE or VIRTUAL_MACHINE deployments of these nodes.	EdgeDeploymentType
hostswitch_profile_type	Type of host switch profile	HostSwitchProfileType
include_system_owned	Whether the list result contains system resources	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
node_type	Fabric node type for which uplink profiles are to be listed The fabric node type is the resource_type of the Node such as EdgeNode and PublicCloudGatewayNode. If a fabric node type is given, uplink profiles that apply for nodes of the given type will be returned.	string	Enum: EdgeNode, PublicCloudGatewayNode
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
uplink_teaming_policy_name	The host switch profile's uplink teaming policy name If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.	string

HostSwitchProfileType (schema) (Deprecated)

Supported HostSwitch profiles.

Name	Description	Type	Notes
HostSwitchProfileType	Supported HostSwitch profiles.	string	Deprecated Enum: UplinkHostSwitchProfile, LldpHostSwitchProfile, NiocProfile, ExtraConfigHostSwitchProfile, VtepHAHostSwitchProfile, HighPerformanceHostSwitchProfile

HostSwitchProfileTypeIdEntry (schema) (Deprecated)

Name	Description	Type	Notes
key		HostSwitchProfileType
value	key value	string	Required

HostSwitchProfilesListResult (schema) (Deprecated)

HostSwitch Profile queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	HostSwitch Profile Results	array of BaseHostSwitchProfile (Abstract type: pass one of the following concrete types) ExtraConfigHostSwitchProfile LldpHostSwitchProfile NiocProfile UplinkHostSwitchProfile	Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

HostSwitchState (schema) (Deprecated)

Host Switch State

Name	Description	Type	Notes
endpoints	List of virtual tunnel endpoints which are configured on this switch	array of Endpoint	Readonly
host_switch_id	External ID of the HostSwitch	string	Readonly
host_switch_name	HostSwitch name. This name will be used to reference this HostSwitch. The name must be unique among all host switches specified in a given Transport Node.	string	Readonly
host_switch_type	Type of HostSwitch VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX.	string	Enum: NVDS, VDS Default: "NVDS"
transport_zone_ids	List of Ids of TransportZones this HostSwitch belongs to	array of string	Readonly

IPSecVPNTrafficCounters (schema) (Deprecated)

IPSec VPN traffic counters

Provides the following traffic statistics for IPSec VPN tunnels since the time the tunnels are UP:

- Incoming packet count.
- Outgoing packet count.
- Dropped packet count.

Name	Description	Type	Notes
bytes_in	Bytes in Total number of traffic bytes received on inbound security association.	integer	Readonly
bytes_out	Bytes out Total number of traffic bytes sent on outbound security association.	integer	Readonly
dropped_packets_in	Dropped incoming packets Total number of incoming packets dropped on inbound security association.	integer	Readonly
dropped_packets_out	Dropped outgoing packets Total number of outgoing packets dropped on outbound security association.	integer	Readonly
packets_in	Packets in Total number of packets received on inbound security association.	integer	Readonly
packets_out	Packets out Total number of packets sent on outbound security association.	integer	Readonly

IPv4DhcpServer (schema) (Deprecated)

DHCP server to support IPv4 DHCP service

DHCP server to support IPv4 DHCP service. Properties defined at DHCP server
level can be overridden by ip-pool or static-binding level properties.

Name	Description	Type	Notes
dhcp_server_ip	DHCP server ip in CIDR format DHCP server ip in CIDR format.	IPv4CIDRBlock	Required
dns_nameservers	DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.	array of IPv4Address	Minimum items: 0 Maximum items: 2
domain_name	Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.	string	Format: hostname
gateway_ip	Gateway ip Gateway ip to be assigned to host. It can be overridden by ip-pool or static-binding level property.	IPv4Address
monitor_ippool_usage	Enable/disable monitoring DHCP ip-pool usage Enable or disable monitoring of DHCP ip-pools usage. When enabled, system events are generated when pool usage exceeds the configured thresholds. System events can be viewed in REST API /api/v2/hpm/alarms	boolean	Default: "False"
options	DHCP options Defines the default options for all ip-pools and static-bindings of this server. These options will be ignored if options are defined for ip-pools or static-bindings.	DhcpOptions

IPv6DhcpServer (schema) (Deprecated)

DHCP server to support IPv6 DHCP service

DHCP server to support IPv6 DHCP service. Properties defined at DHCP server
level can be overridden by ip-pool or static-binding level properties.

Name	Description	Type	Notes
dhcp_server_ip	DHCP server ip in CIDR format DHCP server ip in CIDR format.	IPv6CIDRBlock
dns_nameservers	DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.	array of IPv6Address	Minimum items: 0 Maximum items: 2
domain_names	Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.	array of string
server_id	DHCP server id DHCP server id.	string	Readonly
sntp_servers	SNTP server ips SNTP server ips.	array of IPv6Address	Minimum items: 0 Maximum items: 2

IngressBroadcastRateShaper (schema) (Deprecated)

A shaper that specifies ingress rate properties in kb/s

Name	Description	Type	Notes
average_bandwidth_kbps	Average bandwidth in kb/s	int	Minimum: 0 Default: "0"
burst_size_bytes	Burst size in bytes	int	Minimum: 0 Default: "0"
enabled		boolean	Required
peak_bandwidth_kbps	Peak bandwidth in kb/s	int	Minimum: 0 Default: "0"
resource_type	Must be set to the value IngressBroadcastRateShaper	string	Required Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper Default: "IngressRateShaper"

IngressRateShaper (schema) (Deprecated)

A shaper that specifies ingress rate properties in Mb/s

Name	Description	Type	Notes
average_bandwidth_mbps	Average bandwidth in Mb/s	int	Minimum: 0 Default: "0"
burst_size_bytes	Burst size in bytes	int	Minimum: 0 Default: "0"
enabled		boolean	Required
peak_bandwidth_mbps	Peak bandwidth in Mb/s	int	Minimum: 0 Default: "0"
resource_type	Must be set to the value IngressRateShaper	string	Required Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper Default: "IngressRateShaper"

IntelligenceClusterNodeVMFormFactor (schema) (Deprecated)

Supported VM form factor for NSX-Intelligence cluster nodes

Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM. Enum value SMALL, LARGE and
EXTRA_LARGE will be deprecated.

Name	Description	Type	Notes
IntelligenceClusterNodeVMFormFactor	Supported VM form factor for NSX-Intelligence cluster nodes Specifies the desired "size" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. Enum value SMALL, LARGE and EXTRA_LARGE will be deprecated.	string	Deprecated Enum: EVALUATION, STANDARD, ADVANCED, SMALL, LARGE, EXTRA_LARGE

IpAllocationBase (schema) (Deprecated)

Base type of ip-allocation

Base type of ip-allocation extended by ip pool and static binding.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
gateway_ip	Gateway ip Gateway ip address of the allocation.	IPAddress
id	Unique identifier of this resource	string	Sortable
lease_time	Lease time Lease time, in seconds, [60-(2^32-1)]. Default is 86400.	integer	Minimum: 60 Maximum: 4294967295 Default: "86400"
options	DHCP options If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.	DhcpOptions
resource_type	Must be set to the value IpAllocationBase	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

IpAssignmentSpec (schema) (Deprecated)

Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints

This is an abstract type. Concrete child types:
AssignedByDhcp
FromEsxiVmknic
NoIpv4
StaticIpListSpec
StaticIpMacListSpec
StaticIpPoolSpec

Name	Description	Type	Notes
resource_type		string	Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4, FromEsxiVmknic

IpDiscoverySwitchingProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
arp_bindings_limit	Number of IP addresses to be snooped via ARP snooping Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv4 addresses and is independent of the nd_bindings_limit used for IPv6 snooping.	int	Minimum: 1 Maximum: 256 Default: "1"
arp_nd_binding_timeout	ARP and ND cache timeout (in minutes) This property controls the ARP and ND cache timeout period.It is recommended that this property be greater than the ARP/ND cache timeout on the VM.	int	Minimum: 5 Maximum: 120 Default: "10"
arp_snooping_enabled	Indicates whether ARP snooping is enabled	boolean	Default: "True"
description	Description of this resource	string	Maximum length: 1024 Sortable
dhcp_snooping_enabled	Indicates whether DHCP snooping is enabled	boolean	Default: "True"
dhcpv6_snooping_enabled	Indicates if stateful DHCPv6 snooping is enabled This option is the IPv6 equivalent of DHCP snooping.	boolean	Default: "False"
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
duplicate_ip_detection	Controls whether duplicate IP detection should be enabled Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.	DuplicateIPDetection
id	Unique identifier of this resource	string	Sortable
nd_bindings_limit	Number of IP addresses to be snooped via neighbor-discovery(ND) snooping Indicates the number of neighbor-discovery snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv6 addresses and is independent of the arp_bindings_limit used for IPv4 snooping.	int	Minimum: 2 Maximum: 15 Default: "3"
nd_snooping_enabled	Indicates if neighbor discovery snooping is enabled This option is the IPv6 equivalent of ARP snooping.	boolean	Default: "False"
required_capabilities		array of string	Readonly
resource_type	Must be set to the value IpDiscoverySwitchingProfile	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
trust_on_first_use_enabled	Controls whether trust-on-first-use should be enabled ARP snooping being inherently susceptible to ARP spoofing, uses a turst-on-fisrt-use (TOFU) paradigm where only the first IP address discovered via ARP snooping is trusted. The remaining are ignored. In order to allow for more flexibility, we allow the user to configure how many ARP snooped address bindings should be trusted for the lifetime of the logical port. This is controlled by the arp_bindings_limit property in the IP Discovery profile. We refer to this extension of TOFU as N-TOFU. However, if TOFU is disabled, then N ARP snooped IP addresses will be trusted until they are timed out, where N is configured by arp_bindings_limit.	boolean	Default: "True"
vm_tools_enabled	Indicates whether fetching IP using vm-tools is enabled This option is only supported on ESX where vm-tools is installed.	boolean	Default: "True"
vm_tools_v6_enabled	Indicates whether fetching IPv6 addresses using vm-tools is enabled This option is only supported on ESX where vm-tools is installed.	boolean	Default: "False"

IpInfo (schema) (Deprecated)

Only support IP address or subnet. Its type can be of
IPv4 or IPv6. It will be converted to subnet when netmask
is specified(e.g., 192.168.1.3/24 => 192.168.1.0/24,
2008:12:12:12::2/64 => 2008:12:12:12::/64).
This type is deprecated. Please use the type NetworkInfo instead.

Name	Description	Type	Notes
dst_ip	The destination IP address or subnet The destination IP can be an IP address or a subnet.	IPElement
src_ip	The source IP address or subnet The source IP can be an IP address or a subnet.	IPElement

IpMacPair (schema) (Deprecated)

IP and MAC pair.

Name	Description	Type	Notes
ip	IP address	IPAddress	Required
mac	MAC address	MACAddress

L2Vpn (schema) (Deprecated)

L2 Virtual Private Network Configuration

Contains information necessary to configure L2Vpn.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enable L2Vpn Enable to extend all the associated segments.	boolean	Default: "True"
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value L2Vpn	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transport_tunnels	List of paths referencing transport tunnels List of paths referencing transport tunnels.	array of string	Required Minimum items: 1 Maximum items: 1
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

L2VpnAttachmentContext (schema) (Deprecated)

Name	Description	Type	Notes
allocate_addresses	A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch.	string	Enum: IpPool, MacPool, Both, None, Dhcp, DhcpV6, SLAAC
local_egress_ip	Array of local egress IPs List of local egress IP addresses, used for local egress optimization.	array of IPElement
resource_type	Must be set to the value L2VpnAttachmentContext	string	Required
tunnel_id	Tunnel Id to uniquely identify the extension.	int	Required Minimum: 1 Maximum: 4093

L2VpnContext (schema) (Deprecated)

L2Vpn Context

L2Vpn Context provides meta-data information about the parent Tier-0.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enable_hub	Enable to act as hub If enabled, the tier-0 acts as a Hub and replicates traffic received from peer to all other peers. If disabled, the tier-0 acts as a Spoke and replicates only the local.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value L2VpnContext	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

L3Vpn (schema) (Deprecated)

L3 Virtual Private Network Configuration

Contains information necessary to configure IPSec VPN.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
dh_groups	DH group Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.	array of PolicyDHGroup	Maximum items: 1
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enable_perfect_forward_secrecy	Enable perfect forward secrecy If true, perfect forward secrecy (PFS) is enabled.	boolean	Default: "True"
enabled	Enable L3Vpn Flag to enable L3Vpn. Default is enabled.	boolean	Default: "True"
id	Unique identifier of this resource	string	Sortable
ike_digest_algorithms	Digest Algorithm for IKE Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.	array of PolicyIKEDigestAlgorithm	Maximum items: 1
ike_encryption_algorithms	Encryption algorithm for IKE Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128.	array of PolicyIKEEncryptionAlgorithm	Maximum items: 1
ike_version	IKE version IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.	PolicyIKEVersion	Default: "IKE_V2"
l3vpn_session	L3Vpn Session	L3VpnSession (Abstract type: pass one of the following concrete types) PolicyBasedL3VpnSession RouteBasedL3VpnSession	Required
local_address	IPv4 address of local gateway	IPv4Address	Required
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
passphrases	List of IPSec pre-shared keys List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any.	array of secure_string	Maximum items: 1
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
remote_private_address	Identifier of the remote site This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address.	string
remote_public_address	Public IPv4 address of remote gateway	IPv4Address	Required
resource_type	Must be set to the value L3Vpn	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
tunnel_digest_algorithms	Digest Algorithm for Tunnel Establishment Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty.	array of PolicyTunnelDigestAlgorithm	Maximum items: 1
tunnel_encryption_algorithms	Encryption algorithm for Tunnel Establishement Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.	array of PolicyTunnelEncryptionAlgorithm	Maximum items: 1
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

L3VpnContext (schema) (Deprecated)

L3Vpn Context

L3Vpn Context provides the configuration context that different L3Vpns can consume.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
available_local_addresses	IPv4 addresses of the local gateway Local gateway IPv4 addresses available for configuration of each L3Vpn.	array of PolicyIPAddressInfo
bypass_rules	List of Bypass L3VpnRules Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is supported on these L3Vpn rules.	array of L3VpnRule
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enable L3 Virtual Private Network (VPN) service If true, enable L3Vpn Service for given tier-0. Enabling/disabling this service affects all L3Vpns under the given tier-0.	boolean	Default: "True"
id	Unique identifier of this resource	string	Sortable
ike_log_level	Internet key exchange (IKE) log level Log level for internet key exchange (IKE).	string	Enum: DEBUG, INFO, WARN, ERROR, EMERGENCY Default: "INFO"
label	Policy path referencing Label Policy path referencing Label. A label is used as a mechanism to group route-based L3Vpns in order to apply edge firewall rules on members' VTIs.	string
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value L3VpnContext	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

L3VpnRule (schema) (Deprecated)

L3Vpn Rule

For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used
for transit traffic that meets the rule's match criteria.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
action	Action to apply to the traffic transiting through the L3Vpn Action to exchange data with or without protection. PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per L3Vpn. BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over protect rules.	string	Enum: PROTECT, BYPASS Default: "PROTECT"
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
destinations	List of remote subnets List of remote subnets used in policy-based L3Vpn.	array of L3VpnSubnet	Required Minimum items: 1 Maximum items: 128
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
resource_type	Must be set to the value L3VpnRule	string
sequence_number	Sequence number of the L3VpnRule This field is used to resolve conflicts between multiple L3VpnRules associated with a single L3Vpn or L3VpnContext.	int
sources	List of local subnets List of local subnets used in policy-based L3Vpn.	array of L3VpnSubnet	Required Minimum items: 1 Maximum items: 128
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

L3VpnSession (schema) (Deprecated)

L3Vpn Session

Contains information about L3Vpn session.
This is an abstract type. Concrete child types:
PolicyBasedL3VpnSession
RouteBasedL3VpnSession

Name	Description	Type	Notes
resource_type		L3VpnSessionResourceType	Required

L3VpnSessionResourceType (schema) (Deprecated)

Resource type of L3Vpn Session

- A Policy Based L3Vpn is a configuration in which protect rules to match local
and remote subnet needs to be defined. Tunnel is established for each pair of
local and remote subnet defined in protect rules.
- A Route Based L3Vpn is more flexible, more powerful and recommended over policy
based. IP Tunnel subnet is created and all traffic routed through tunnel subnet
(commonly known as VTI) is sent over tunnel. Routes can be learned through BGP.
A route based L3Vpn is required when using redundant L3Vpn.

Name	Description	Type	Notes
L3VpnSessionResourceType	Resource type of L3Vpn Session - A Policy Based L3Vpn is a configuration in which protect rules to match local and remote subnet needs to be defined. Tunnel is established for each pair of local and remote subnet defined in protect rules. - A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet (commonly known as VTI) is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.	string	Deprecated Enum: PolicyBasedL3VpnSession, RouteBasedL3VpnSession

L3VpnSubnet (schema) (Deprecated)

Subnet used in L3Vpn Rule

Used to specify subnets in L3Vpn rule.

Name	Description	Type	Notes
subnet	Subnet Subnet used in L3Vpn Rule.	IPv4CIDRBlock	Required

Lag (schema) (Deprecated)

LACP group

Name	Description	Type	Notes
id	unique id	string	Readonly
load_balance_algorithm	LACP load balance Algorithm	string	Required Enum: SRCMAC, DESTMAC, SRCDESTMAC, SRCDESTIPVLAN, SRCDESTMACIPPORT
mode	LACP group mode	string	Required Enum: ACTIVE, PASSIVE
name	Lag name	string	Required
number_of_uplinks	number of uplinks	int	Required Minimum: 2 Maximum: 32
timeout_type	LACP timeout type	string	Enum: SLOW, FAST Default: "SLOW"
uplinks	uplink names	array of Uplink	Readonly Maximum items: 32

LbActiveMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
resource_type	Must be set to the value LbActiveMonitor	MonitorType	Required
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbClientCertificateIssuerDnCondition (schema) (Deprecated)

Match condition for client certificate issuer DN

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for issuer DN comparing If true, case is significant when comparing issuer DN value.	boolean	Default: "True"
issuer_dn	Value of issuer DN Value of issuer DN. The format should follow RFC 2253.	string	Required
match_type	Match type of issuer DN	LbRuleMatchType	Default: "REGEX"

LbClientCertificateSubjectDnCondition (schema) (Deprecated)

Match condition for client certificate subject DN

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for subject DN comparing If true, case is significant when comparing subject DN value.	boolean	Default: "True"
match_type	Match type of subject DN	LbRuleMatchType	Default: "REGEX"
subject_dn	Value of subject DN Value of subject DN. The format should follow RFC 2253.	string	Required

LbClientSslProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
cipher_group_label	Label of cipher group It is a label of cipher group which is mostly consumed by GUI.	SslCipherGroup
ciphers	supported SSL cipher list to client side	array of SslCipher
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
is_fips	FIPS compliance of ciphers and protocols This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.	boolean	Readonly
is_secure	Secure/Insecure SSL profile flag This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.	boolean	Readonly
prefer_server_ciphers	prefer server ciphers flag During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.	boolean	Default: "True"
protocols	supported SSL protocol list to client side Only TLS 1.2 is supported and enabled.	array of SslProtocol
resource_type	Must be set to the value LbClientSslProfile	string
session_cache_enabled	session cache enable/disable flag SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.	boolean	Default: "True"
session_cache_timeout	SSL session cache timeout value Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.	integer	Minimum: 1 Maximum: 86400 Default: "300"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbClientSslProfileListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	paginated list of load balancer client SSL profiles	array of LbClientSslProfile	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LbConnectionDropAction (schema) (Deprecated)

Action to drop connections

This action is used to drop the connections. There is no extra property in
this action. If there is no match condition specified, the connection will
be always dropped. This action can be specified at HTTP_ACCESS or
HTTP_FORWARDING phase.

Name	Description	Type	Notes
type	Must be set to the value LbConnectionDropAction	LbRuleActionType	Required

LbCookiePersistenceProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
cookie_domain	cookie domain HTTP cookie domain could be configured, only available for insert mode.	string
cookie_fallback	cookie persistence fallback If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server	boolean	Default: "True"
cookie_garble	cookie persistence garble If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.	boolean	Default: "True"
cookie_httponly	Cookie httponly flag If cookie httponly flag is true, it prevents a script running in the browser from accessing the cookie. Only available for insert mode.	boolean	Default: "False"
cookie_mode	cookie persistence mode	CookiePersistenceModeType	Default: "INSERT"
cookie_name	cookie name	string	Required
cookie_path	cookie path HTTP cookie path could be set, only available for insert mode.	string
cookie_secure	Cookie secure flag If cookie secure flag is true, it prevents the browser from sending a cookie over http. The cookie is sent only over https. Only available for insert mode.	boolean	Default: "False"
cookie_time	cookie time setting Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.	LbCookieTime (Abstract type: pass one of the following concrete types) LbPersistenceCookieTime LbSessionCookieTime
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
persistence_shared	Persistence shared flag The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.	boolean	Default: "False"
resource_type	Must be set to the value LbCookiePersistenceProfile	PersistenceProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbCookieTime (schema) (Deprecated)

This is an abstract type. Concrete child types:
LbPersistenceCookieTime
LbSessionCookieTime

Name	Description	Type	Notes
type		CookieTimeType	Required

LbEdgeNodeUsage (schema) (Deprecated)

The load balancer usage for an edge node

The capacity contains basic information and load balancer entity usages
and capacity for the given edge node.

Name	Description	Type	Notes
current_credit_number	Current credit number The current credit number reflects the current usage on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20.	integer	Readonly
current_large_load_balancer_services	The current number of large load balancer services The number of large load balancer services configured on the node.	integer	Readonly
current_medium_load_balancer_services	The current number of medium load balancer services The number of medium load balancer services configured on the node.	integer	Readonly
current_pool_members	The current number of pool members The number of pool members configured on the node.	integer	Readonly
current_pools	The current number of pools The number of pools configured on the node.	integer	Readonly
current_small_load_balancer_services	The current number of small load balancer services The number of small load balancer services configured on the node.	integer	Readonly
current_virtual_servers	The current number of virtual servers The number of virtual servers configured on the node.	integer	Readonly
current_xlarge_load_balancer_services	The current number of xlarge load balancer services The number of xlarge load balancer services configured on the node.	integer	Readonly
edge_cluster_id	The ID of edge cluster The ID of edge cluster which contains the edge node.	string	Readonly
form_factor	The form factor of the given edge node The form factor of the given edge node.	string	Readonly Enum: SMALL_VIRTUAL_MACHINE, MEDIUM_VIRTUAL_MACHINE, LARGE_VIRTUAL_MACHINE, XLARGE_VIRTUAL_MACHINE, PHYSICAL_MACHINE
node_id	The UUID of the node for load balancer node usage The property identifies the node UUID for load balancer node usage.	string	Required
remaining_credit_number	Remaining credit number The remaining credit number is the remaining credits that can be used for load balancer service configuration. For example, an edge node with form factor LARGE_VIRTUAL_MACHINE has 40 credits, and a medium load balancer instance costs 10 credits. If there are currently 3 medium instances configured, the remaining credit number is 40 - (3 * 10) = 10.	integer	Readonly
remaining_large_load_balancer_services	The remaining number of large load balancer services The remaining number of large load balancer services which could be configured on the given edge node.	integer	Readonly
remaining_medium_load_balancer_services	The remaining number of medium load balancer services The remaining number of medium load balancer services which could be configured on the given edge node.	integer	Readonly
remaining_pool_members	The remaining number of pool members The remaining number of pool members which could be configured on the given edge node.	integer	Readonly
remaining_small_load_balancer_services	The remaining number of small load balancer services The remaining number of small load balancer services which could be configured on the given edge node.	integer	Readonly
remaining_xlarge_load_balancer_services	The remaining number of xlarge load balancer services The remaining number of xlarge load balancer services which could be configured on the given edge node.	integer	Readonly
severity	LB usage severity The severity calculation is based on current credit usage percentage of load balancer for one node.	LbUsageSeverity	Readonly
type	Must be set to the value LbEdgeNodeUsage	LbNodeUsageType	Required
usage_percentage	Usage percentage The usage percentage of the edge node for load balancer. The value is the larger value between load balancer credit usage percentage and pool member usage percentage for the edge node.	number	Readonly

LbGenericPersistenceProfile (schema) (Deprecated)

LB generic persistence profile

The profile is used to define the persistence entry expiration time,
mirroring enabled flag to synchronize persistence entries, persistence
shared flag for the associated virtual servers. The profile cannot be
attached to virtual server directly, it can be only consumed by LB rule
action. In HTTP forwarding phase, LBVariablePersistenceOnAction can be
used to consume LbGenericPersistenceProfile. In HTTP response rewriting
phase, LBVariablePersistenceLearnAction is used instead.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
ha_persistence_mirroring_enabled	Mirroring enabled flag The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
persistence_shared	Persistence shared flag The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.	boolean	Default: "False"
resource_type	Must be set to the value LbGenericPersistenceProfile	PersistenceProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	Persistence entry expiration time in seconds When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.	integer	Minimum: 1 Maximum: 2147483647 Default: "300"

LbHttpMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
request_body	String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.	string
request_headers	Array of HTTP request headers	array of LbHttpRequestHeader
request_method	the health check method for HTTP monitor type	HttpRequestMethodType	Default: "GET"
request_url	URL used for HTTP monitor	string
request_version	HTTP request version	HttpRequestVersionType	Default: "HTTP_VERSION_1_1"
resource_type	Must be set to the value LbHttpMonitor	MonitorType	Required
response_body	response body to match If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.	string
response_status_codes	Array of single HTTP response status codes The HTTP response status code should be a valid HTTP status code.	array of int	Maximum items: 64
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbHttpProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
http_redirect_to	http redirect static URL If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL	string
http_redirect_to_https	flag to indicate whether enable HTTP-HTTPS redirect Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
idle_timeout	HTTP application idle timeout in seconds It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.	integer	Minimum: 1 Maximum: 5400 Default: "15"
request_body_size	Maximum size of the buffer used to store HTTP request body If it is not specified, it means that request body size is unlimited.	integer	Minimum: 1 Maximum: 2147483647
request_header_size	Maximum size of the buffer used to store HTTP request headers A request with header equal to or below this size is guaranteed to be processed. A request with header larger than request_header_size will be processed up to 32K bytes on best effort basis.	integer	Minimum: 1 Default: "1024"
resource_type	Must be set to the value LbHttpProfile	ApplicationProfileType	Required
response_buffering	Enable or disable buffering of responses When buffering is disabled, the response is passed to a client synchronously, immediately as it is received. When buffering is enabled, LB receives a response from the backend server as soon as possible, saving it into the buffers.	boolean	Default: "False"
response_header_size	Maximum size of the buffer used to store HTTP response headers A response with header larger than response_header_size will be dropped.	integer	Minimum: 1 Maximum: 65536 Default: "4096"
response_timeout	Maximum server idle time in seconds If server doesn't send any packet within this time, the connection is closed.	integer	Minimum: 1 Maximum: 2147483647 Default: "60"
server_keep_alive	Server keep-alive flag If server_keep_alive is true, it means the backend connection will keep alive for the client connection. Every client connection is tied 1:1 with the corresponding server-side connection. If server_keep_alive is false, it means the backend connection won't keep alive for the client connection. The default value is false. If server_keep_alive is not specified for API input, its value in API output will be the same with the property ntlm.	boolean
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
x_forwarded_for	insert or replace x_forwarded_for When X-Forwareded-For is configured, X-Forwarded-Proto and X-Forwarded-Port information is added automatically. The two additional header information can be also modified or deleted in load balancer rules.	XForwardedForType
ntlm	NTLM support flag NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology. This property is deprecated. Please use the property server_keep_alive in order to keep the backend server connection alive for the client connection. When create a new profile, if both ntlm and server_keep_alive are set as different values, ERROR will be reported. When update an existing profile, if either ntlm or server_keep_alive value is changed, both of them are updated with the changed value.	boolean	Deprecated

LbHttpRedirectAction (schema) (Deprecated)

Action to redirect HTTP request messages

This action is used to redirect HTTP request messages to a new URL. The
reply_status value specified in this action is used as the status code of
HTTP response message which is sent back to client (Normally a browser).
The HTTP status code for redirection is 3xx, for example, 301, 302, 303,
307, etc. The redirect_url is the new URL that the HTTP request message is
redirected to. Normally browser will send another HTTP request to the new
URL after receiving a redirection response message.
Captured variables and built-in variables can be used in redirect_url field.
For example, to redirect all HTTP requests to HTTPS requests for a virtual
server. We create an LbRule without any conditions, add an
LbHttpRedirectAction to the rule. Set the
redirect_url field of the LbHttpRedirectAction to:
https://$_host$_request_uri
And set redirect_status to "302", which means found. This rule will
redirect all HTTP requests to HTTPS server port on the same host.

Name	Description	Type	Notes
redirect_status	HTTP response status code	string	Required
redirect_url	The URL that the HTTP request is redirected to	string	Required
type	Must be set to the value LbHttpRedirectAction	LbRuleActionType	Required

LbHttpRejectAction (schema) (Deprecated)

Action to reject HTTP request messages

This action is used to reject HTTP request messages. The specified
reply_status value is used as the status code for the corresponding HTTP
response message which is sent back to client (Normally a browser)
indicating the reason it was rejected. Reference official HTTP status code
list for your specific HTTP version to set the reply_status properly.
LbHttpRejectAction does not support variables.

Name	Description	Type	Notes
reply_message	Response message	string
reply_status	HTTP response status code	string	Required
type	Must be set to the value LbHttpRejectAction	LbRuleActionType	Required

LbHttpRequestBodyCondition (schema) (Deprecated)

Condition to match content of HTTP request message body

This condition is used to match the message body of an HTTP request.
Typically, only HTTP POST, PATCH, or PUT requests have request body.
The match_type field defines how body_value field is used to match the body
of HTTP requests.

Name	Description	Type	Notes
body_value	HTTP request body	string	Required
case_sensitive	A case sensitive flag for HTTP body comparing If true, case is significant when comparing HTTP body value.	boolean	Default: "True"
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of HTTP body	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpRequestBodyCondition	LbRuleConditionType	Required

LbHttpRequestCookieCondition (schema) (Deprecated)

Condition to match HTTP request cookie

This condition is used to match HTTP request messages by cookie which is a
specific type of HTTP header. The match_type and case_sensitive define how
to compare cookie value.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for cookie value comparing If true, case is significant when comparing cookie value.	boolean	Default: "True"
cookie_name	Name of cookie	string	Required
cookie_value	Value of cookie	string	Required
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of cookie value	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpRequestCookieCondition	LbRuleConditionType	Required

LbHttpRequestHeaderCondition (schema) (Deprecated)

Condition to match HTTP request header

This condition is used to match HTTP request messages by HTTP header
fields. HTTP header fields are components of the header section of HTTP
request and response messages. They define the operating parameters of an
HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One
condition can be used to match one header field, to match multiple header
fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
requests. The header_name field does not support match types.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for HTTP header value comparing If true, case is significant when comparing HTTP header value.	boolean	Default: "True"
header_name	Name of HTTP header	string	Required
header_value	Value of HTTP header	string	Required
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of HTTP header value	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpRequestHeaderCondition	LbRuleConditionType	Required

LbHttpRequestHeaderDeleteAction (schema) (Deprecated)

Action to delete HTTP request header fields

This action is used to delete header fields of HTTP request messages at
HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers
with same header name. To delete headers with different header names,
multiple actions must be defined.

Name	Description	Type	Notes
header_name	Name of a header field of HTTP request message	string	Required
type	Must be set to the value LbHttpRequestHeaderDeleteAction	LbRuleActionType	Required

LbHttpRequestHeaderRewriteAction (schema) (Deprecated)

Action to rewrite header fields of HTTP request messages.

This action is used to rewrite header fields of matched HTTP request
messages to specified new values. One action can be used to rewrite one
header field. To rewrite multiple header fields, multiple actions must be
defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name	Description	Type	Notes
header_name	Name of HTTP request header	string	Required
header_value	Value of HTTP request header	string	Required
type	Must be set to the value LbHttpRequestHeaderRewriteAction	LbRuleActionType	Required

LbHttpRequestMethodCondition (schema) (Deprecated)

Condition to match method of HTTP request messages

This condition is used to match method of HTTP requests. If the method of an
HTTP request is same as the method specified in this condition, the HTTP
request match this condition. For example, if the method field is set to
GET in this condition, any HTTP request with GET method matches the
condition.

Name	Description	Type	Notes
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
method	Type of HTTP request method	HttpRequestMethodType	Required
type	Must be set to the value LbHttpRequestMethodCondition	LbRuleConditionType	Required

LbHttpRequestUriArgumentsCondition (schema) (Deprecated)

Condition to match URI arguments of HTTP requests

This condition is used to match URI arguments aka query string of Http
request messages, for example, in URI http://exaple.com?foo=1&bar=2, the
"foo=1&bar=2" is the query string containing URI arguments. In an URI
scheme, query string is indicated by the first question mark ("?")
character and terminated by a number sign ("#") character or by the end of
the URI.
The uri_arguments field can be specified as a regular expression(Set
match_type to REGEX). For example, "foo=(?<x>\d+)". It matches HTTP
requests whose URI arguments containing "foo", the value of foo contains
only digits. And the value of foo is captured as $x which can be used in
LbRuleAction fields which support variables.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for URI arguments comparing If true, case is significant when comparing URI arguments.	boolean	Default: "True"
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of URI arguments	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpRequestUriArgumentsCondition	LbRuleConditionType	Required
uri_arguments	URI arguments URI arguments, aka query string of URI.	string	Required

LbHttpRequestUriCondition (schema) (Deprecated)

Condition to match URIs of HTTP request messages

This condition is used to match URIs(Uniform Resource Identifier) of HTTP
request messages. The URI field can be specified as a regular expression.
If an HTTP request message is requesting an URI which matches specified
regular expression, it matches the condition.
The syntax of whole URI looks like this:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
This condition matches only the path part of entire URI.
When match_type field is specified as REGEX, the uri field is used as a
regular expression to match URI path of HTTP requests. For example, to
match any URI that has "/image/" or "/images/", uri field can be specified
as: "/image[s]?/".
Named capturing groups can be used in the uri field to capture substrings
of matched URIs and store them in variables for use in LbRuleAction. For
example, specify uri field as:
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)"
If the URI path is /articles/news/2017/06/xyz.html, then substring "2017"
is captured in variable year, "06" is captured in variable month, and
"xyz.html" is captured in variable article. These variables can then
be used in an LbRuleAction field which supports variables, such as uri
field of LbHttpRequestUriRewriteAction. For example, set the uri field
of LbHttpRequestUriRewriteAction as:
"/articles/news/$year-$month-$article"
Then the URI path /articles/news/2017/06/xyz.html is rewritten to:
"/articles/news/2017-06-xyz.html"

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for URI comparing If true, case is significant when comparing URI.	boolean	Default: "True"
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of URI	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpRequestUriCondition	LbRuleConditionType	Required
uri	A string used to identify resource	string	Required

LbHttpRequestUriRewriteAction (schema) (Deprecated)

Action to rewrite HTTP request URIs.

This action is used to rewrite URIs in matched HTTP request messages.
Specify the uri and uri_arguments fields in this condition to rewrite the
matched HTTP request message's URI and URI arguments to the new values.
Full URI scheme of HTTP messages have following syntax:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
The uri field of this action is used to rewrite the /path part in above
scheme. And the uri_arguments field is used to rewrite the query part.
Captured variables and built-in variables can be used in the uri and
uri_arguments fields.
Check the example in LbRuleAction to see how to use variables in this
action.

Name	Description	Type	Notes
type	Must be set to the value LbHttpRequestUriRewriteAction	LbRuleActionType	Required
uri	URI of HTTP request	string	Required
uri_arguments	URI arguments Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2	string

LbHttpRequestVersionCondition (schema) (Deprecated)

Condition to match HTTP protocol version of HTTP requests

This condition is used to match the HTTP protocol version of the HTTP
request messages.

Name	Description	Type	Notes
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
type	Must be set to the value LbHttpRequestVersionCondition	LbRuleConditionType	Required
version	HTTP version	HttpRequestVersionType	Required

LbHttpResponseHeaderCondition (schema) (Deprecated)

Condition to match a header field of HTTP response

This condition is used to match HTTP response messages from backend servers
by HTTP header fields. HTTP header fields are components of the header
section of HTTP request and response messages. They define the operating
parameters of an HTTP transaction. For example, Cookie, Authorization,
User-Agent, etc. One condition can be used to match one header field, to
match multiple header fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
responses. The header_name field does not support match types.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for HTTP header value comparing If true, case is significant when comparing HTTP header value.	boolean	Default: "True"
header_name	Name of HTTP header field	string	Required
header_value	Value of HTTP header field	string	Required
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of HTTP header value	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbHttpResponseHeaderCondition	LbRuleConditionType	Required

LbHttpResponseHeaderDeleteAction (schema) (Deprecated)

Action to delete HTTP response header fields

This action is used to delete header fields of HTTP response messages at
HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers
with same header name. To delete headers with different header names,
multiple actions must be defined

Name	Description	Type	Notes
header_name	Name of a header field of HTTP response message	string	Required
type	Must be set to the value LbHttpResponseHeaderDeleteAction	LbRuleActionType	Required

LbHttpResponseHeaderRewriteAction (schema) (Deprecated)

Action to rewrite HTTP response header fields

This action is used to rewrite header fields of HTTP response messages to
specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used
to rewrite one header field. To rewrite multiple header fields, multiple
actions must be defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name	Description	Type	Notes
header_name	Name of a header field of HTTP request message	string	Required
header_value	Value of header field	string	Required
type	Must be set to the value LbHttpResponseHeaderRewriteAction	LbRuleActionType	Required

LbHttpSslCondition (schema) (Deprecated)

Condition to match SSL handshake and SSL connection

This condition is used to match SSL handshake and SSL connection at
all phases.If multiple properties are configured, the rule is considered
a match when all the configured properties are matched.

Name	Description	Type	Notes
client_certificate_issuer_dn	The issuer DN match condition of the client certificate The issuer DN match condition of the client certificate for an established SSL connection	LbClientCertificateIssuerDnCondition
client_certificate_subject_dn	The subject DN match condition of the client certificate The subject DN match condition of the client certificate for an established SSL connection	LbClientCertificateSubjectDnCondition
client_supported_ssl_ciphers	Cipher list which supported by client	array of SslCipher
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
session_reused	The type of SSL session reused	LbSslSessionReusedType	Default: "IGNORE"
type	Must be set to the value LbHttpSslCondition	LbRuleConditionType	Required
used_protocol	Protocol of an established SSL connection	SslProtocol
used_ssl_cipher	Cipher used for an established SSL connection	SslCipher

LbHttpsMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
certificate_chain_depth	the maximum traversal depth of server certificate chain authentication depth is used to set the verification depth in the server certificates chain.	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
cipher_group_label	Label of cipher group It is a label of cipher group which is mostly consumed by GUI.	SslCipherGroup
ciphers	supported SSL cipher list to servers	array of SslCipher
client_certificate_id	client certificate identifier client certificate can be specified to support client authentication.	string
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
is_fips	FIPS compliance of ciphers and protocols This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..	boolean	Readonly
is_secure	Secure/Insecure monitor flag This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.	boolean	Readonly
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
protocols	supported SSL protocol list to servers SSL version TLS1.2 is supported and enabled.	array of SslProtocol
request_body	String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.	string
request_headers	Array of HTTP request headers	array of LbHttpRequestHeader
request_method	the health check method for HTTP monitor type	HttpRequestMethodType	Default: "GET"
request_url	URL used for HTTP monitor	string
request_version	HTTP request version	HttpRequestVersionType	Default: "HTTP_VERSION_1_1"
resource_type	Must be set to the value LbHttpsMonitor	MonitorType	Required
response_body	response body to match If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.	string
response_status_codes	Array of single HTTP response status codes The HTTP response status code should be a valid HTTP status code.	array of int	Maximum items: 64
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
server_auth	server authentication mode	ServerAuthType	Default: "IGNORE"
server_auth_ca_ids	CA identifier list to verify server certificate If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.	array of string
server_auth_crl_ids	CRL identifier list to verify server certificate A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.	array of string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbIcmpMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
data_length	The data size(in byte) of the ICMP healthcheck packet	integer	Minimum: 0 Maximum: 65507 Default: "56"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
resource_type	Must be set to the value LbIcmpMonitor	MonitorType	Required
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbIpHeaderCondition (schema) (Deprecated)

Condition to match IP header fields

This condition is used to match IP header fields of HTTP messages.
Either source_address or group_id should be specified.

Name	Description	Type	Notes
group_id	Grouping object identifier Source IP address of HTTP message should match IP addresses which are configured in Group in order to perform actions.	string
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
source_address	Source IP address of HTTP message Source IP address of HTTP message. IP Address can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.	IPElement
type	Must be set to the value LbIpHeaderCondition	LbRuleConditionType	Required

LbJwtAuthAction (schema) (Deprecated)

Action to control access using JWT authentication

This action is used to control access to backend server resources using
JSON Web Token(JWT) authentication. The JWT authentication is done before
any HTTP manipulation if the HTTP request matches the given condition in
LbRule. Any verification failed, the HTTP process will be terminated, and
HTTP response with 401 status code and WWW-Authentication header will be
returned to client.

Name	Description	Type	Notes
key	LbJwtKey used for verifying the signature of JWT token Keys are used for verifying the signature of JWT token. In current version, only symmetric (HMAC SHA256) key and asymmetric (RS256) key are supported. It is optional, in case no key specified, the jwt signature won't be verified.	LbJwtKey (Abstract type: pass one of the following concrete types) LbJwtCertificateKey LbJwtPublicKey LbJwtSymmetricKey
pass_jwt_to_pool	Whether to pass the JWT to backend server or remove it Specify whether to pass the JWT to backend server or remove it. By default, it is false which means will not pass the JWT to backend servers.	boolean	Default: "False"
realm	JWT realm A description of the protected area. If no realm is specified, clients often display a formatted hostname instead. The configured realm is returned when client request is rejected with 401 http status. In the response, it will be "WWW-Authentication: Bearer realm=<realm>".	string
tokens	JWT tokens JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Load balancer will search for every specified tokens one by one for the jwt message until found. This parameter is optional. In case not found or this field is not configured, load balancer searches the Bearer header by default in the http request "Authorization: Bearer <token>".	array of string
type	Must be set to the value LbJwtAuthAction	LbRuleActionType	Required

LbJwtCertificateKey (schema) (Deprecated)

Specifies certificate used to verify the signature of JWT tokens

The key is used to specify certificate which is used to verify the
signature of JWT tokens.

Name	Description	Type	Notes
certificate_id	Certificate identifier	string	Required
type	Must be set to the value LbJwtCertificateKey	LbJwtKeyType	Required

LbJwtKey (schema) (Deprecated)

Load balancer JWT key

LbJwtKey specifies the symmetric key or asymmetric public key used to
decrypt the data in JWT.
This is an abstract type. Concrete child types:
LbJwtCertificateKey
LbJwtPublicKey
LbJwtSymmetricKey

Name	Description	Type	Notes
type	Type of load balancer JWT key The property is used to identify JWT key type.	LbJwtKeyType	Required

LbJwtKeyType (schema) (Deprecated)

Type of load balancer JWT key

It is used to identify JWT key type.

Name	Description	Type	Notes
LbJwtKeyType	Type of load balancer JWT key It is used to identify JWT key type.	string	Deprecated Enum: LbJwtCertificateKey, LbJwtSymmetricKey, LbJwtPublicKey

LbJwtPublicKey (schema) (Deprecated)

Specifies public key content used to verify the signature of JWT tokens

The key is used to specify the public key content which is used to verify
the signature of JWT tokens.

Name	Description	Type	Notes
public_key_content	Content of public key	string	Required
type	Must be set to the value LbJwtPublicKey	LbJwtKeyType	Required

LbJwtSymmetricKey (schema) (Deprecated)

Specifies the symmetric key used to verify the signature of JWT tokens

The key is used to specify the symmetric key which is used to verify the
signature of JWT tokens.

Name	Description	Type	Notes
type	Must be set to the value LbJwtSymmetricKey	LbJwtKeyType	Required

LbMonitor (schema) (Deprecated)

This is an abstract type. Concrete child types:
LbHttpMonitor
LbHttpsMonitor
LbIcmpMonitor
LbPassiveMonitor
LbTcpMonitor
LbUdpMonitor

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value LbMonitor	MonitorType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbMonitorListRequestParameters (schema) (Deprecated)

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
type	Load balancer monitor type Specify this type parameter to retrieve a list of load balancer monitors of specified type.	MonitorQueryType

LbMonitorListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	paginated list of load balancer monitors	array of LbMonitor (Abstract type: pass one of the following concrete types) LbHttpMonitor LbHttpsMonitor LbIcmpMonitor LbPassiveMonitor LbTcpMonitor LbUdpMonitor	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LbNodeCountPerSeverity (schema) (Deprecated)

The node count for specific severity

The node count for specific load balancer usage severity.

Name	Description	Type	Notes
node_count	Node count for specific severity Node count for specific severity.	integer	Readonly
severity	LB usage severity The severity calculation is based on credit usage percentage of load balancer for one node.	LbUsageSeverity	Readonly

LbNodeUsage (schema) (Deprecated)

Node usage for load balancer

Node usage for load balancer contains basic information and LB entity
usages and capacity for the given node.
This is an abstract type. Concrete child types:
LbEdgeNodeUsage

Name	Description	Type	Notes
node_id	The UUID of the node for load balancer node usage The property identifies the node UUID for load balancer node usage.	string	Required
type	Type of load balancer node usage The property identifies the load balancer node usage type.	LbNodeUsageType	Required

LbNodeUsageSummary (schema) (Deprecated)

Lb node usage summary for all nodes

The load balancer node usage summary for all nodes. Only EdgeNode is
supported. The summary calculation is based on all edge nodes
configured in edge clusters.

Name	Description	Type	Notes
current_credit_number	Current credit number The current credit number reflects the overall credit usage for all nodes.	integer	Readonly
current_pool_members	The current number of pool members The overall number of pool members configured on all nodes.	integer	Readonly
node_counts	Array of node count for each severity The property identifies array of node count for each severity (RED, ORANGE and GREEN).	array of LbNodeCountPerSeverity	Readonly
node_usages	Array of lb node usages The property contains lb node usages for each node.	array of LbNodeUsage (Abstract type: pass one of the following concrete types) LbEdgeNodeUsage	Readonly
remaining_credit_number	Remaining credit number The remaining credit number is the overall remaining credits that can be used for load balancer service configuration for all nodes.	integer	Readonly
remaining_pool_members	The remaining number of pool members The overall remaining number of pool members which could be configured on all nodes.	integer	Readonly
severity	LB usage severity The severity calculation is based on current credit usage percentage of load balancer for all nodes.	LbUsageSeverity	Readonly
usage_percentage	Usage percentage The overall usage percentage of all nodes for load balancer. The value is the larger value between overall pool member usage percentage and overall load balancer credit usage percentage.	number	Readonly

LbNodeUsageSummaryRequestParameters (schema) (Deprecated)

Load balancer node usage summary request parameters

Load balancer node usage summary request parameters.

Name	Description	Type	Notes
include_usages	Whether to include node usages Specify whether to include node usages in response. By default, it is false which means node usages are not included in LbNodeUsageSummary response.	boolean

LbNodeUsageType (schema) (Deprecated)

Node type for load balancer node usage

The node type for load balancer node usage.

Name	Description	Type	Notes
LbNodeUsageType	Node type for load balancer node usage The node type for load balancer node usage.	string	Deprecated Enum: LbEdgeNodeUsage

LbPassiveMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
max_fails	number of consecutive connection failures When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
resource_type	Must be set to the value LbPassiveMonitor	MonitorType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	timeout in seconds before it is selected again for a new connection After this timeout period, the member is tried again for a new connection to see if it is available.	integer	Minimum: 1 Maximum: 2147483647 Default: "5"

LbPersistenceCookieTime (schema) (Deprecated)

Name	Description	Type	Notes
cookie_max_idle	persistence cookie max idle time in seconds HTTP cookie max-age to expire cookie, only available for insert mode.	integer	Required Minimum: 1 Maximum: 2147483647
type	Must be set to the value LbPersistenceCookieTime	CookieTimeType	Required

LbRule (schema) (Deprecated)

Load balancer rules

Load balancer rules allow customization of load balancing behavior using
match/action rules. Currently, load balancer rules are supported for only
layer 7 virtual servers with application profile LbHttpProfile.
Each application rule consists of one or more match conditions and one or
more actions.
Load balancer rules could be used by different load balancer services.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions to be executed A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.	array of LbRuleAction (Abstract type: pass one of the following concrete types) LbConnectionDropAction LbHttpRedirectAction LbHttpRejectAction LbHttpRequestHeaderDeleteAction LbHttpRequestHeaderRewriteAction LbHttpRequestUriRewriteAction LbHttpResponseHeaderDeleteAction LbHttpResponseHeaderRewriteAction LbJwtAuthAction LbSelectPoolAction LbSslModeSelectionAction LbVariableAssignmentAction LbVariablePersistenceLearnAction LbVariablePersistenceOnAction	Required Maximum items: 60
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
match_conditions	Conditions to match application traffic A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.	array of LbRuleCondition (Abstract type: pass one of the following concrete types) LbHttpRequestBodyCondition LbHttpRequestCookieCondition LbHttpRequestHeaderCondition LbHttpRequestMethodCondition LbHttpRequestUriArgumentsCondition LbHttpRequestUriCondition LbHttpRequestVersionCondition LbHttpResponseHeaderCondition LbHttpSslCondition LbIpHeaderCondition LbSslSniCondition LbTcpHeaderCondition LbVariableCondition	Maximum items: 60
match_strategy	Strategy to match multiple conditions Strategy to define how load balancer rule is considered a match when multiple match conditions are specified in one rule. If match_stragety is set to ALL, then load balancer rule is considered a match only if all the conditions match. If match_strategy is set to ANY, then load balancer rule is considered a match if any one of the conditions match.	string	Required Enum: ALL, ANY
phase	Load balancer processing phase Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool.	string	Required Enum: HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS, TRANSPORT
resource_type	Must be set to the value LbRule	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbRuleAction (schema) (Deprecated)

Load balancer rule action

Load balancer rule actions are used to manipulate application traffic.
Currently load balancer rules can be used at three load balancer processing
phases. Each phase has its own supported type of actions.
Supported actions in HTTP_REQUEST_REWRITE phase are:
LbHttpRequestUriRewriteAction
LbHttpRequestHeaderRewriteAction
LbHttpRequestHeaderDeleteAction
LbVariableAssignmentAction
Supported actions in HTTP_FORWARDING phase are:
LbHttpRejectAction
LbHttpRedirectAction
LbSelectPoolAction
LbVariablePersistenceOnAction
LbConnectionDropAction
Supported action in HTTP_RESPONSE_REWRITE phase is:
LbHttpResponseHeaderRewriteAction
LbHttpResponseHeaderDeleteAction
LbVariablePersistenceLearnAction
Supported action in HTTP_ACCESS phase is:
LbJwtAuthAction
LbConnectionDropAction
LbVariableAssignmentAction
Supported action in TRANSPORT phase is:
LbSslModeSelectionAction
LbSelectPoolAction

If the match type of an LbRuleCondition field is specified as REGEX and
named capturing groups are used in the specified regular expression. The
groups can be used as variables in LbRuleAction fields.
For example, define a rule with LbHttpRequestUriCondition as match
condition and LbHttpRequestUriRewriteAction as action. Set match_type field
of LbHttpRequestUriCondition to REGEX, and set uri field to
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)".
Set uri field of LbHttpRequestUriRewriteAction to:
"/news/$year-$month/$article"
In uri field of LbHttpRequestUriCondition, the (?<year>\d+),
(?<month>\d+) and (?<article>.*) are named capturing groups,
they define variables named $year, $month and $article respectively. The
defined variables are used in LbHttpRequestUriRewriteAction.
For a matched HTTP request with URI "/news/2017/06/xyz.html", the substring
"2017" is captured in variable $year, "06" is captured in variable $month,
and "xyz.html" is captured in variable $article. The
LbHttpRequestUriRewriteAction will rewrite the URI to:
"/news/2017-06/xyz.html"
A set of built-in variables can be used in LbRuleAction as well. The name
of built-in variables start with underscore, the name of user defined
variables is not allowed to start with underscore.
Following are some of the built-in variables:
$_scheme: Reference the scheme part of matched HTTP messages, could be
"http" or "https".
$_host: Host of matched HTTP messages, for example "www.example.com".
$_server_port: Port part of URI, it is also the port of the server which
accepted a request. Default port is 80 for http and 443 for https.
$_uri: The URI path, for example "/products/sample.html".
$_request_uri: Full original request URI with arguments, for example,
"/products/sample.html?a=b&c=d".
$_args: URI arguments, for instance "a=b&c=d"
$_is_args: "?" if a request has URI arguments, or an empty string
otherwise.
For the full list of built-in variables, please reference the NSX-T
Administrator's Guide.
This is an abstract type. Concrete child types:
LbConnectionDropAction
LbHttpRedirectAction
LbHttpRejectAction
LbHttpRequestHeaderDeleteAction
LbHttpRequestHeaderRewriteAction
LbHttpRequestUriRewriteAction
LbHttpResponseHeaderDeleteAction
LbHttpResponseHeaderRewriteAction
LbJwtAuthAction
LbSelectPoolAction
LbSslModeSelectionAction
LbVariableAssignmentAction
LbVariablePersistenceLearnAction
LbVariablePersistenceOnAction

Name	Description	Type	Notes
type	Type of load balancer rule action The property identifies the load balancer rule action type.	LbRuleActionType	Required

LbRuleActionType (schema) (Deprecated)

Types of load balancer rule actions

LbRuleActionType is used to identify the action types used in load
balancer rules.

Name	Description	Type	Notes
LbRuleActionType	Types of load balancer rule actions LbRuleActionType is used to identify the action types used in load balancer rules.	string	Deprecated Enum: LbHttpRequestUriRewriteAction, LbHttpRequestHeaderRewriteAction, LbHttpRejectAction, LbHttpRedirectAction, LbSelectPoolAction, LbSelectServerAction, LbHttpResponseHeaderRewriteAction, LbHttpRequestHeaderDeleteAction, LbHttpResponseHeaderDeleteAction, LbVariableAssignmentAction, LbVariablePersistenceOnAction, LbVariablePersistenceLearnAction, LbJwtAuthAction, LbSslModeSelectionAction, LbConnectionDropAction

LbRuleCondition (schema) (Deprecated)

Match condition of load balancer rule

Match conditions are used to match application traffic passing through
load balancers. Multiple match conditions can be specified in one load
balancer rule, each match condition defines a criterion for application
traffic.
If inverse field is set to true, the match result of the condition is
inverted.
If more than one match condition is specified, match strategy determines
if all conditions should match or any one condition should match for the
load balancer rule to be considered a match.
Currently only HTTP messages are supported by load balancer rules.
Each load balancer rule is used at a specific phase of load balancer
processing. Currently three phases are supported, HTTP_REQUEST_REWRITE,
HTTP_FORWARDING and HTTP_RESPONSE_REWRITE.
Each phase supports certain types of match conditions, supported match
conditions in HTTP_REQUEST_REWRITE phase are:
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbHttpRequestBodyCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
Supported match conditions in HTTP_FORWARDING phase are:
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbHttpRequestBodyCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
LbSslSniCondition
Supported match condition in HTTP_RESPONSE_REWRITE phase is:
LbHttpResponseHeaderCondition
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
Supported match condition in HTTP_ACCESS phase is:
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbHttpRequestBodyCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
Supported match condition in TRANSPORT phase is:
LbSslSniCondition
This is an abstract type. Concrete child types:
LbHttpRequestBodyCondition
LbHttpRequestCookieCondition
LbHttpRequestHeaderCondition
LbHttpRequestMethodCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestUriCondition
LbHttpRequestVersionCondition
LbHttpResponseHeaderCondition
LbHttpSslCondition
LbIpHeaderCondition
LbSslSniCondition
LbTcpHeaderCondition
LbVariableCondition

Name	Description	Type	Notes
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
type	Type of load balancer rule condition	LbRuleConditionType	Required

LbRuleConditionType (schema) (Deprecated)

Type of load balancer rule match condition

Name	Description	Type	Notes
LbRuleConditionType	Type of load balancer rule match condition	string	Deprecated Enum: LbHttpRequestMethodCondition, LbHttpRequestUriCondition, LbHttpRequestUriArgumentsCondition, LbHttpRequestVersionCondition, LbHttpRequestHeaderCondition, LbHttpRequestCookieCondition, LbHttpRequestBodyCondition, LbHttpResponseHeaderCondition, LbTcpHeaderCondition, LbIpHeaderCondition, LbVariableCondition, LbHttpSslCondition, LbSslSniCondition

LbRuleListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	paginated list of LB rules	array of LbRule	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LbSelectPoolAction (schema) (Deprecated)

Action to select a pool for HTTP request messages

This action is used to select a pool for matched HTTP request messages. The
pool is specified by UUID. The matched HTTP request messages are forwarded
to the specified pool.

Name	Description	Type	Notes
pool_id	UUID of load balancer pool	string	Required
pool_name	Display name of load balancer pool	string	Readonly
type	Must be set to the value LbSelectPoolAction	LbRuleActionType	Required

LbServerSslProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
cipher_group_label	Label of cipher group It is a label of cipher group which is mostly consumed by GUI.	SslCipherGroup
ciphers	supported SSL cipher list to client side	array of SslCipher
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
is_fips	FIPS compliance of ciphers and protocols This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.	boolean	Readonly
is_secure	Secure/Insecure SSL profile flag This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.	boolean	Readonly
protocols	supported SSL protocol list to client side TLS1.2 is supported and enabled.	array of SslProtocol
resource_type	Must be set to the value LbServerSslProfile	string
session_cache_enabled	session cache enable/disable falg SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.	boolean	Default: "True"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbServerSslProfileListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	paginated list of load balancer server SSL profiles	array of LbServerSslProfile	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LbSessionCookieTime (schema) (Deprecated)

Name	Description	Type	Notes
cookie_max_idle	session cookie max idle time in seconds Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.	integer	Minimum: 1 Maximum: 2147483647
cookie_max_life	session cookie max lifetime in seconds Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.	integer	Minimum: 1 Maximum: 2147483647
type	Must be set to the value LbSessionCookieTime	CookieTimeType	Required

LbSnatAutoMap (schema) (Deprecated)

Name	Description	Type	Notes
type	Must be set to the value LbSnatAutoMap	SnatTranslationType	Required
port_overload	port overloading with same SNAT IP and port Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.	integer	Deprecated Minimum: 1 Maximum: 32 Default: "32"

LbSnatIpElement (schema) (Deprecated)

Name	Description	Type	Notes
ip_address	Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160	IPElement	Required
prefix_length	subnet prefix length Subnet prefix length should be not specified if there is only one single IP address or IP range.	integer

LbSnatIpPool (schema) (Deprecated)

Name	Description	Type	Notes
ip_addresses	List of Ip address or ip range If an IP range is specified, the range may contain no more than 64 IP addresses.	array of LbSnatIpElement	Required Maximum items: 64
type	Must be set to the value LbSnatIpPool	SnatTranslationType	Required
port_overload	port overloading with same SNAT IP and port Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.	integer	Deprecated Minimum: 1 Maximum: 32 Default: "32"

LbSnatTranslation (schema) (Deprecated)

This is an abstract type. Concrete child types:
LbSnatAutoMap
LbSnatIpPool

Name	Description	Type	Notes
type		SnatTranslationType	Required
port_overload	port overloading with same SNAT IP and port Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.	integer	Deprecated Minimum: 1 Maximum: 32 Default: "32"

LbSslModeSelectionAction (schema) (Deprecated)

Action to select SSL mode

This action is used to select SSL mode. Three types of SSL mode actions can
be specified in Transport phase, ssl passthrough, ssl offloading and ssl
end-to-end.

Name	Description	Type	Notes
ssl_mode	Type of SSL mode SSL Passthrough: LB establishes a TCP connection with client and another connection with selected backend server. LB won't inspect the stream data between client and backend server, but just pass it through. Backend server exchanges SSL connection with client. SSL Offloading: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTP without SSL. LB estalishes new connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. SSL End-to-End: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTPS. LB estalishes new SSL connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured.	string	Required Enum: SSL_PASSTHROUGH, SSL_END_TO_END, SSL_OFFLOAD
type	Must be set to the value LbSslModeSelectionAction	LbRuleActionType	Required

LbSslProfile (schema) (Deprecated)

Load balancer abstract SSL profile

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value LbSslProfile	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LbSslSniCondition (schema) (Deprecated)

Condition to match SSL SNI in client hello

This condition is used to match SSL SNI in client hello. This condition is
only supported in TRANSPORT phase and HTTP_FORWARDING phase.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for SNI comparing If true, case is significant when comparing SNI value.	boolean	Default: "True"
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of SNI Determine how a specified string value is used to match SNI.	LbRuleMatchType	Default: "REGEX"
sni	The server name indication The SNI(Server Name indication) in client hello message.	string	Required
type	Must be set to the value LbSslSniCondition	LbRuleConditionType	Required

LbTcpHeaderCondition (schema) (Deprecated)

Condition to match TCP header fields

This condition is used to match TCP header fields of HTTP messages.
Currently, only the TCP source port is supported. Ports can be expressed as
a single port number like 80, or a port range like 1024-1030.

Name	Description	Type	Notes
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
source_port	TCP source port of HTTP message	PortElement	Required
type	Must be set to the value LbTcpHeaderCondition	LbRuleConditionType	Required

LbTcpMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
receive	expected data received from server Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.	string
resource_type	Must be set to the value LbTcpMonitor	MonitorType	Required
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
send	data to send If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbUdpMonitor (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
fall_count	num of consecutive checks must fail before marking it down	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
id	Unique identifier of this resource	string	Sortable
interval	the frequency at which the system issues the monitor check (in second)	integer	Minimum: 1 Maximum: 2147483647 Default: "5"
monitor_port	port which is used for healthcheck If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.	PortElement
receive	expected data received from server Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.	string	Required
resource_type	Must be set to the value LbUdpMonitor	MonitorType	Required
rise_count	num of consecutive checks must pass before marking it up	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
send	data to send The data to be sent to the monitored server.	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
timeout	the number of seconds the target has in which to respond to the monitor request	integer	Minimum: 1 Maximum: 2147483647 Default: "15"

LbUsageSeverity (schema) (Deprecated)

Load balancer usage severity

Severity is calculated from usage percentage:
GREEN means the current usage percentage is less than 60%.
ORANGE means the current usage percentage is less than 80% and larger than
or equal to 60%.
RED means the current usage percentage is larger than or equal to 80%.

Name	Description	Type	Notes
LbUsageSeverity	Load balancer usage severity Severity is calculated from usage percentage: GREEN means the current usage percentage is less than 60%. ORANGE means the current usage percentage is less than 80% and larger than or equal to 60%. RED means the current usage percentage is larger than or equal to 80%.	string	Deprecated Enum: GREEN, ORANGE, RED

LbVariableAssignmentAction (schema) (Deprecated)

Action to create variable and assign value to it.

This action is used to create a new variable and assign value to it.
One action can be used to create one variable. To create multiple
variables, multiple actions must be defined.
The variables can be used by LbVariableCondition, etc.

Name	Description	Type	Notes
type	Must be set to the value LbVariableAssignmentAction	LbRuleActionType	Required
variable_name	Name of the variable to be assigned	string	Required
variable_value	Value of variable	string	Required

LbVariableCondition (schema) (Deprecated)

Condition to match IP header fields

This condition is used to match variable's name and value at all
phases. The variables could be captured from REGEX or assigned by
LbVariableAssignmentAction or system embedded variable. Varialbe_name
and variable_value should be matched at the same time.

Name	Description	Type	Notes
case_sensitive	A case sensitive flag for variable value comparing If true, case is significant when comparing variable value.	boolean	Default: "True"
inverse	A flag to indicate whether reverse the match result of this condition	boolean	Default: "False"
match_type	Match type of variable value	LbRuleMatchType	Default: "REGEX"
type	Must be set to the value LbVariableCondition	LbRuleConditionType	Required
variable_name	Name of the variable to be matched	string	Required
variable_value	Value of variable to be matched	string	Required

LbVariablePersistenceLearnAction (schema) (Deprecated)

Action to learn the variable value

This action is performed in HTTP response rewrite phase. It is used to
learn the value of variable from the HTTP response, and insert an entry
into the persistence table if the entry doesn't exist.

Name	Description	Type	Notes
persistence_profile_id	UUID of LbPersistenceProfile If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.	string
type	Must be set to the value LbVariablePersistenceLearnAction	LbRuleActionType	Required
variable_hash_enabled	Whether to enable a hash operation for variable value The property is used to enable a hash operation for variable value when composing the persistence key.	boolean	Default: "False"
variable_name	Variable name The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a system embedded variable such as "_cookie_JSESSIONID", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as "article".	string	Required

LbVariablePersistenceOnAction (schema) (Deprecated)

Action to persist the variable value

This action is performed in HTTP forwarding phase. It is used to inspect
the variable of HTTP request, and look up the persistence entry with its
value and pool uuid as key.
If the persistence entry is found, the HTTP request is forwarded to the
recorded backend server according to the persistence entry.
If the persistence entry is not found, a new entry is created in the
table after backend server is selected.

Name	Description	Type	Notes
persistence_profile_id	UUID of LbPersistenceProfile If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.	string
type	Must be set to the value LbVariablePersistenceOnAction	LbRuleActionType	Required
variable_hash_enabled	Whether to enable a hash operation for variable value The property is used to enable a hash operation for variable value when composing the persistence key.	boolean	Default: "False"
variable_name	Variable name The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a system embedded variable such as "_cookie_JSESSIONID", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as "article".	string	Required

LldpHostSwitchProfile (schema) (Deprecated)

Host Switch for LLDP

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value LldpHostSwitchProfile	HostSwitchProfileType	Required
send_enabled	Enabled or disabled sending LLDP packets	boolean	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LogicalDhcpServer (schema) (Deprecated)

Logical DHCP server

Definition of a logical DHCP server which can be attached a logical switch
via a logical port. Both ipv4_dhcp_server and ipv6_dhcp_server can be
configured at the same time, or only configure either ipv4_dhcp_server or
ipv6_dhcp_server.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
attached_logical_port_id	Id of attached logical port The uuid of the attached logical port. Read only.	string	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
dhcp_profile_id	DHCP profile uuid The DHCP profile uuid the logical DHCP server references.	string	Required
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
ipv4_dhcp_server	DHCP server for ipv4 addresses The DHCP server for ipv4 addresses allocation service.	IPv4DhcpServer
ipv6_dhcp_server	DHCP server for ipv6 addresses The DHCP server for ipv6 addresses allocation service.	IPv6DhcpServer
resource_type	Must be set to the value LogicalDhcpServer	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LogicalDhcpServerListResult (schema) (Deprecated)

A list of logical DHCP servers

A paginated list of logical DHCP servers.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of DHCP servers A paginated list of logical DHCP servers.	array of LogicalDhcpServer	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LogicalPort (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
address_bindings	Address bindings for logical port Each address binding must contain both an IPElement and MAC address. VLAN ID is optional. This binding configuration can be used by features such as spoof-guard and overrides any discovered bindings. Any non unique entries are deduplicated to generate a unique set of address bindings and then stored. For IP addresses, a subnet address cannot have host bits set. A maximum of 128 unique address bindings is allowed per port.	array of PacketAddressClassifier	Minimum items: 0 Maximum items: 512
admin_state	Represents Desired state of the logical port	string	Required Enum: UP, DOWN
attachment	Logical port attachment	LogicalPortAttachment
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
extra_configs	Extra configs on logical port This property could be used for vendor specific configuration in key value string pairs. Logical port setting will override logical switch setting if the same key was set on both logical switch and logical port.	array of ExtraConfig
id	Unique identifier of this resource	string	Sortable
ignore_address_bindings	Address bindings to be ignored by IP Discovery module IP Discovery module uses various mechanisms to discover address bindings being used on each port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.	array of PacketAddressClassifier	Minimum items: 0 Maximum items: 16
init_state	Initial state of this logical ports Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation (POST), and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host.	LogicalPortInitState
internal_id	ID of the logical port in Global Manager The internal_id of the logical port may or may not be identical to it's managed resource ID. If a VirtualMachine connected to logical port migrates from one site to another, then on the destination site, it will be connected to different logical port managed resource. However, the internal_id field will be persisted across vmotion.	string
logical_switch_id	Id of the Logical switch that this port belongs to.	string	Required
origin_id	ID of the distributed virtual port and the distributed virtual switch in the source vCenter ID populated by NSX when NSX on DVPG is used to indicate the source distributed virtual port and the corresponding distributed virtual switch. This ID is populated only for logical ports that belong to a logical switch of type DVPG.	string	Readonly
resource_type	Must be set to the value LogicalPort	string
switching_profile_ids		array of SwitchingProfileTypeIdEntry
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
tofu_version	Version of Trust On First Use (TOFU) paradigm. This is an experimental field. The TOFU workflow will be triggered upon modification of this value to a different non-zero positive value.	integer	Minimum: 0 Maximum: 4294967295

LogicalPortAttachment (schema) (Deprecated)

Logical port attachment

Name	Description	Type	Notes
attachment_type	Type of attachment for logical port Indicates the type of logical port attachment. By default it is Virtual Machine interface (VIF)	AttachmentType	Default: "VIF"
context	Attachment context Extra context data for the attachment	AttachmentContext (Abstract type: pass one of the following concrete types) L2VpnAttachmentContext VifAttachmentContext
id	Identifier of the interface attached to the logical port	string	Required

LogicalPortAttachmentState (schema) (Deprecated)

VIF attachment state of a logical port

Name	Description	Type	Notes
attachers	VM or vmknic entities that are attached to the LogicalPort	array of PortAttacher	Readonly
id	VIF ID	string	Readonly
state	State of the VIF attached to LogicalPort A logicalPort must be in one of following state. FREE - If there are no active attachers. The LogicalPort may or may not have an attachment ID configured on it. This state is applicable only to LogialPort of static type. ATTACHED - LogicalPort has exactly one active attacher and no further configuration is pending. ATTACHED_PENDING_CONF - LogicalPort has exactly one attacher, however it may not have been configured completely. Additional configuration will be provided by other nsx components. ATTACHED_IN_MOTION - LogicalPort has multiple active attachers. This state represents a scenario where VM is moving from one location (host or storage) to another (e.g. vmotion, vSphere HA) DETACHED - A temporary state after all LogialPort attachers have been detached. This state is applicable only to LogicalPort of ephemeral type and the LogicalPort will soon be deleted.	string	Required Readonly Enum: FREE, ATTACHED, ATTACHED_PENDING_CONF, ATTACHED_IN_MOTION, DETACHED

LogicalPortDeleteParameters (schema) (Deprecated)

Name	Description	Type	Notes
detach	force delete even if attached or referenced by a group If this is set to true, then logical port is deleted regardless of whether it has attachments, or it is added to any NSGroup.	boolean	Default: "False"

LogicalPortInitState (schema) (Deprecated)

Supported initial state of logical port

Name	Description	Type	Notes
LogicalPortInitState	Supported initial state of logical port	string	Deprecated Enum: UNBLOCKED_VLAN, RESTORE_VIF

LogicalPortListParameters (schema) (Deprecated)

Logical port list parameters

Name	Description	Type	Notes
attachment_id	Logical Port attachment Id	string
attachment_type	Type of attachment for logical port; NONE means no attachment.	AttachmentTypeQueryString
bridge_cluster_id	Bridge Cluster identifier	string
container_ports_only	Only container VIF logical ports will be returned if true	boolean	Default: "False"
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
diagnostic	Flag to enable showing of transit logical port.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
logical_switch_id	Logical Switch identifier	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
parent_vif_id	ID of the VIF of type PARENT Get logical ports that have CHILD VIF attachment of given PARENT VIF.	string
sort_ascending		boolean
sort_by	Field by which records are sorted	string
switching_profile_id	Network Profile identifier	string
transport_node_id	Transport node identifier Get logical ports on the transport node; it can not be given together with other parameters except container_ports_only and attachment_type VIF.	string
transport_zone_id	Transport zone identifier	string

LogicalPortListResult (schema) (Deprecated)

Logical port queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	LogicalPort Results	array of LogicalPort	Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LogicalPortState (schema) (Deprecated)

Realized state of the logical port.

Contians realized state of the logical port. For example, transport node
on which the port is located, discovered and realized address bindings of
the logical port.

Name	Description	Type	Notes
attachment	Logical port attachment state	LogicalPortAttachmentState	Readonly
discovered_bindings	Logical port bindings discovered automatically Contains the list of address bindings for a logical port that were automatically dicovered using various snooping methods like ARP, DHCP etc.	array of AddressBindingEntry
duplicate_bindings	Duplicate logical port address bindings If any address binding discovered on the port is also found on other port on the same logical switch, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts.	array of DuplicateAddressBindingEntry
id	Id of the logical port	string	Required
realized_bindings	Realized logical port bindings List of logical port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc.	array of AddressBindingEntry
transport_node_ids	Identifiers of the transport node where the port is located	array of string

LogicalSwitch (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
admin_state	Represents Desired state of the Logical Switch	string	Required Enum: UP, DOWN
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
extra_configs	Extra configs on logical switch This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by logical ports in the logical switch.	array of ExtraConfig
global_vni	VNI allocated by the global manager The VNI is used for intersite traffic and the global logical switch ID. The global VNI pool is agnostic of the local VNI pool, and there is no need to have an exclusive VNI range. For example, VNI x can be the global VNI for logical switch B and the local VNI for logical switch A.	int
hybrid	Flag to identify a hybrid logical switch If this flag is set to true, then all the logical switch ports attached to this logical switch will behave in a hybrid fashion. The hybrid logical switch port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This flag can be enabled only for the logical switches in the overlay type transport zone which has host switch mode as LEGACY and also has either CrossCloud or CloudScope tag scopes. Only the NSX public cloud gateway (PCG) uses this flag, other host agents like ESX, KVM and Edge will ignore it. This property cannot be modified once the logical switch is created.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
ip_pool_id	Allocation ip pool associated with the Logical switch IP pool id that associated with a LogicalSwitch.	string
mac_pool_id	Allocation mac pool associated with the Logical switch Mac pool id that associated with a LogicalSwitch.	string
node_local_switch	A flag to prevent BUM (broadcast, unknown-unicast and multicast) traffic from reaching the other spanned edges.	boolean
origin_id	ID of the LS of type DVPG in the source vCenter ID populated by NSX when NSX on DVPG is used to indicate the source DVPG.	string	Readonly
origin_type	The type of source from which the DVPG is discovered	string	Readonly Enum: VCENTER
replication_mode	Replication mode of the Logical Switch	string	Enum: MTEP, SOURCE
resource_type	Must be set to the value LogicalSwitch	string
span	List of Local Manager IDs the logical switch extends Each manager ID represents the NSX Local Manager the logical switch connects. This will be populated by the manager.	array of string	Minimum items: 0 Maximum items: 16
switch_type	Type of LogicalSwitch. This field indicates purpose of a LogicalSwitch. It is set by manager internally or user can provide this field. If not set, DEFAULT type is assigned. NSX components can use this field to create LogicalSwitch that provides component specific functionality. DEFAULT type LogicalSwitches are created for basic L2 connectivity by API users. SERVICE_PLANE type LogicalSwitches are system created service plane LogicalSwitches for Service Insertion service. User can not create SERVICE_PLANE type of LogicalSwitch. DHCP_RELAY type LogicalSwitches are created by external user like Policy with special permissions or by system and will be treated as internal LogicalSwitches. Such LogicalSwitch will not be exposed to vSphere user. GLOBAL type LogicalSwitches are created to span multiple NSX domains to connect multiple remote sites. INTER_ROUTER type LogicalSwitches are policy-created LogicalSwitches which provide inter-router connectivity. DVPG type LogicalSwitches are NSX-created based on DVPGs found in VC which are used as shadow objects in NSX on DVPG.	string	Enum: DEFAULT, SERVICE_PLANE, DHCP_RELAY, GLOBAL, INTER_ROUTER, EVPN, DVPG
switching_profile_ids		array of SwitchingProfileTypeIdEntry
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transport_zone_id	Id of the TransportZone to which this LogicalSwitch is associated	string	Required
uplink_teaming_policy_name	The name of the switching uplink teaming policy for the logical switch This name has to be one of the switching uplink teaming policy names listed inside the logical switch's TransportZone. If this field is not specified, the logical switch will not have a teaming policy associated with it and the host switch's default teaming policy will be used.	string
vlan	VLAN Id of logical switch This property is dedicated to VLAN based network, to set VLAN of logical network. It is mutually exclusive with 'vlan_trunk_spec'.	VlanID
vlan_trunk_spec	VLAN trunk spec of logical switch This property is used for VLAN trunk specification of logical switch. It's mutually exclusive with 'vlan'. Also it could be set to do guest VLAN tagging in overlay network.	VlanTrunkSpec
vni	VNI for this LogicalSwitch. Only for OVERLAY network. A VNI will be auto-allocated from the default VNI pool if not given; otherwise the given VNI has to be inside the default pool and not used by any other LogicalSwitch.	int

LogicalSwitchDeleteParameters (schema) (Deprecated)

Name	Description	Type	Notes
cascade	Delete a Logical Switch and all the logical ports in it, if none of the logical ports have any attachment.	boolean	Default: "False"
detach	Force delete a logical switch If this is set to true, then logical switch is deleted regardless of whether or not it is added to NSGroup. If cascade is set to true in the meantime, then logical switch and all logical ports are deleted regardless of whether any logical port in this switch has attachments.	boolean	Default: "False"

LogicalSwitchListParameters (schema) (Deprecated)

Logical Switch list parameters

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
diagnostic	Flag to enable showing of transit logical switch.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
switch_type	Logical Switch type	string	Enum: DEFAULT, SERVICE_PLANE, DHCP_RELAY, GLOBAL, INTER_ROUTER, EVPN, DVPG
switching_profile_id	Switching Profile identifier	string
transport_type	Mode of transport supported in the transport zone for this logical switch	TransportType
transport_zone_id	Transport zone identifier	string
uplink_teaming_policy_name	The logical switch's uplink teaming policy name	string
vlan	Return VLAN logical switches whose "vlan" field matches this value	VlanID
vni	VNI of the OVERLAY LogicalSwitch(es) to return.	int

LogicalSwitchListResult (schema) (Deprecated)

Logical Switch queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Logical Switch Results	array of LogicalSwitch	Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LogicalSwitchState (schema) (Deprecated)

Name	Description	Type	Notes
details	Array of configuration state of various sub systems	array of ConfigurationStateElement	Readonly
failure_code	Error code	integer	Readonly
failure_message	Error message in case of failure	string	Readonly
logical_switch_id	Id of the logical switch	string	Readonly
state	Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated.	string	Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, VC_VCP_ACTION_PENDING, VC_VCP_ACTION_FAILED, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING

LogicalSwitchStateListResult (schema) (Deprecated)

Logical Switch state queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Logical Switch State Results	array of LogicalSwitchState	Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

LogicalSwitchStateParameters (schema) (Deprecated)

Name	Description	Type	Notes
status	Realized state of logical switches	string	Enum: PENDING, IN_PROGRESS, PARTIAL_SUCCESS, SUCCESS

LogicalSwitchStatus (schema) (Deprecated)

Name	Description	Type	Notes
logical_switch_id	Unique ID identifying the the Logical Switch	string	Readonly
num_logical_ports	Count of Logical Ports belonging to this switch	int	Readonly

MacLearningSpec (schema) (Deprecated)

MAC learning configuration

Name	Description	Type	Notes
aging_time	Aging time in sec for learned MAC address	int	Readonly Default: "600"
enabled	Allowing source MAC address learning	boolean	Required
limit	The maximum number of MAC addresses that can be learned on this port This property specifies the limit on the maximum number of MAC addresses that can be learned on a port. It is consumed by vswitch kernel module on the hypervisor while learning MACs per port for VMs that are local to the host.	int	Minimum: 0 Maximum: 4096 Default: "4096"
limit_policy	The policy after MAC Limit is exceeded	string	Enum: ALLOW, DROP Default: "ALLOW"
remote_overlay_mac_limit	The maximum number of MAC addresses learned on an overlay Logical Switch This property specifies the limit on the maximum number of MACs learned for a remote Virtual Machine's MAC to vtep binding per overlay logical switch.	int	Minimum: 2048 Maximum: 8192 Default: "2048"
unicast_flooding_allowed	Allowing flooding for unlearned MAC for ingress traffic	boolean

MacManagementSwitchingProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
mac_change_allowed	Allowing source MAC address change	boolean	Default: "False"
mac_learning	MAC learning configuration	MacLearningSpec
required_capabilities		array of string	Readonly
resource_type	Must be set to the value MacManagementSwitchingProfile	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

MetadataProxy (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
attached_logical_port_id	id of attached logical port	string	Readonly
crypto_protocols	metadata proxy supported cryptographic protocols. The cryptographic protocols listed here are supported by the metadata proxy. The TLSv1.1 and TLSv1.2 are supported by default.	array of MetadataProxyCryptoProtocol
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
edge_cluster_id	edge cluster uuid	string	Required
edge_cluster_member_indexes	edge cluster member indexes If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If user provides only one edge node, there will be no HA support.	array of integer	Minimum items: 0 Maximum items: 2
enable_standby_relocation	Flag to enable standby Metadata proxy server relocation Flag to enable the auto-relocation of standby Metadata Proxy in case of edge node failure. Only tier 1 and auto placed Metadata Proxy are considered for the relocation.	boolean	Default: "False"
id	Unique identifier of this resource	string	Sortable
metadata_server_ca_ids	uuids of CAs to verify metadata server certificate The CAs referenced here must be uploaded to the truststore using the API POST /api/v1/trust-management/certificates?action=import. User needs to ensure a correct CA for this metedata server is used. The REST API can not detect a wrong CA which was used to verify a different server. If the Metadata Proxy reports an ERROR or NO_BACKUP status, user can check the metadata proxy log at transport node for a possible CA issue.	array of string
metadata_server_url	metadata server url The URL in format scheme://host:port/path. Please note, the scheme supports only http and https as of now, port supports range 3000 - 9000, inclusive.	string	Required
resource_type	Must be set to the value MetadataProxy	string
secret	secret to access metadata server	secure_string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

MetadataProxyCryptoProtocol (schema) (Deprecated)

Metadata proxy supported cryptographic protocol

Name	Description	Type	Notes
MetadataProxyCryptoProtocol	Metadata proxy supported cryptographic protocol	string	Deprecated Enum: TLS_V1, TLS_V1_1, TLS_V1_2

MetadataProxyListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	paginated list of metadata proxies	array of MetadataProxy	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

MetadataProxyStatistics (schema) (Deprecated)

Name	Description	Type	Notes
metadata_proxy_id	metadata proxy uuid	string	Required
statistics	metadata proxy statistics per logical switch	array of MetadataProxyStatisticsPerLogicalSwitch
timestamp	timestamp of the statistics	EpochMsTimestamp	Required

MetadataProxyStatisticsPerLogicalSwitch (schema) (Deprecated)

Name	Description	Type	Notes
error_responses_from_nova_server	error responses from nova server	integer	Required
logical_switch_id	uuid of attached logical switch	string	Required
requests_from_clients	requests from clients	integer	Required
requests_to_nova_server	requests to nova server	integer	Required
responses_to_clients	responses to clients	integer	Required
succeeded_responses_from_nova_server	succeeded responses from nova server	integer	Required

MetadataProxyStatisticsRequestParameters (schema) (Deprecated)

Name	Description	Type	Notes
logical_switch_id	The uuid of logical switch	string
source	The data source, either realtime or cached. If not provided, cached data is returned.	DataSourceType

MetadataProxyStatus (schema) (Deprecated)

Name	Description	Type	Notes
error_message	Error message, if available	string
proxy_status	UP means the metadata proxy is working fine on both transport-nodes(if have); DOWN means the metadata proxy is is down on both transport-nodes(if have), hence the metadata proxy will not repsonse any metadata request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working in one of the transport node while not in the other transport-node (if have). Hence if the metadata proxy in the working transport-node goes down, the metadata proxy will go down.	string	Required Enum: UP, DOWN, ERROR, NO_BACKUP
transport_nodes	ids of transport nodes where this metadata proxy is running Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes.	array of string	Required

MonitorQueryType (schema) (Deprecated)

monitor query type

MonitorQueryType is used to query load balancer monitors.
LbActiveMonitor represents active load balancer monitors.
While LbActiveMonitor is specified to query load balancer
monitors, it returns all active monitors, including LbHttpMonitor,
LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor,
LbUdpMonitor.

Name	Description	Type	Notes
MonitorQueryType	monitor query type MonitorQueryType is used to query load balancer monitors. LbActiveMonitor represents active load balancer monitors. While LbActiveMonitor is specified to query load balancer monitors, it returns all active monitors, including LbHttpMonitor, LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor.	string	Deprecated Enum: LbHttpMonitor, LbHttpsMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor, LbPassiveMonitor, LbActiveMonitor

MonitorType (schema) (Deprecated)

monitor type

Load balancers monitor the health of backend servers to ensure traffic
is not black holed.
There are two types of healthchecks: active and passive.
Passive healthchecks depend on failures in actual client traffic (e.g. RST
from server in response to a client connection) to detect that the server
or the application is down.
In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check their
health, completely independent of any data traffic.
Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP
and ICMP protocols.

Name	Description	Type	Notes
MonitorType	monitor type Load balancers monitor the health of backend servers to ensure traffic is not black holed. There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.	string	Deprecated Enum: LbHttpMonitor, LbHttpsMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor, LbPassiveMonitor

NamedTeamingPolicy (schema) (Deprecated)

Uplink Teaming Policy with a name that can be referenced by logical switches

Name	Description	Type	Notes
active_list	List of Uplinks used in active list	array of Uplink	Required
name	The name of the uplink teaming policy An uplink teaming policy of a given name defined in UplinkHostSwitchProfile. The names of all NamedTeamingPolicies in an UplinkHostSwitchProfile must be different, but a name can be shared by different UplinkHostSwitchProfiles. Different TransportNodes can use different NamedTeamingPolicies having the same name in different UplinkHostSwitchProfiles to realize an uplink teaming policy on a logical switch. An uplink teaming policy on a logical switch can be any policy defined by a user; it does not have to be a single type of FAILOVER or LOADBALANCE. It can be a combination of types, for instance, a user can define a policy with name "MyHybridTeamingPolicy" as "FAILOVER on all ESX TransportNodes and LOADBALANCE on all KVM TransportNodes". The name is the key of the teaming policy and can not be changed once assigned.	string	Required Maximum length: 136
policy	Teaming policy	string	Required Enum: FAILOVER_ORDER, LOADBALANCE_SRCID, LOADBALANCE_SRC_MAC
rolling_order	Flag for preemptive mode	boolean
standby_list	List of Uplinks used in standby list	array of Uplink

NatActions (schema) (Deprecated)

NAT action types

NAT action types.

Name	Description	Type	Notes
NatActions	NAT action types NAT action types.	string	Deprecated Enum: SNAT, DNAT, REFLEXIVE, NO_SNAT, NO_DNAT, NAT64

NatCounters (schema) (Deprecated)

NAT statistics count

Provides the following statistics for the NAT rules:

- Current number of active traffic sessions matching the NAT rules.
- Total number of bytes processed on the NAT rules since the time the rules
were created.
- Total number of packets processed on the NAT rules since the time the rules
were created.

Name	Description	Type	Notes
active_sessions	Active sessions Provides the current number of active traffic sessions matching the NAT rules.	integer	Readonly
total_bytes	Total bytes Provides the total number of bytes processed on the NAT rules since the time the rules were created.	integer	Readonly
total_packets	Total packets Provides the total number of packets processed on the NAT rules since the time the rules were created.	integer	Readonly

NatFirewallMatch (schema) (Deprecated)

The rule how the firewall is applied to a traffic packet

The type indicates how the firewall is applied to a traffic packet.
MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done.
MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done.
BYPASS indicates the firewall stage will be skipped.

Name	Description	Type	Notes
NatFirewallMatch	The rule how the firewall is applied to a traffic packet The type indicates how the firewall is applied to a traffic packet. MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped.	string	Deprecated Enum: MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS, BYPASS

NatRule (schema) (Deprecated)

The configuration entity to define a NAT rule

The configuration entity to define a NAT rule. It defines how an ip packet
is matched via source address or/and destination address or/and service(s),
how the address (and/or) port is translated, and how the related firewall
stage is involved or bypassed.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
action	NAT rule action type Valid actions: SNAT, DNAT, NO_SNAT, NO_DNAT, REFLEXIVE, NAT64. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, can NOT be supported when the logical router is running at active-active HA mode; REFLEXIVE is stateless. NO_SNAT and NO_DNAT have no translated_fields, only match fields are supported.	NatActions	Required
applied_tos	List of LogicalRouterPort resources as applied to Holds the list of LogicalRouterPort Ids that a NAT rule can be applied to. The LogicalRouterPort used must belong to the same LogicalRouter for which the NAT Rule is created. As of now a NAT rule can only have a single LogicalRouterPort as applied_tos. When applied_tos is not set, the NAT rule is applied to all LogicalRouterPorts beloging to the LogicalRouter.	array of ResourceReference	Maximum items: 1
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	enable/disable the rule Indicator to enable/disable the rule.	boolean	Default: "True"
firewall_match	The rule how the firewall is applied Indicate how firewall is applied to a traffic packet. Firewall can be bypassed, or be applied to external/internal address of NAT rule.	NatFirewallMatch
id	Unique identifier of this resource	string	Sortable
internal_rule_id	Internal NAT rule uuid Internal NAT rule uuid for debug used in Controller and backend.	string	Readonly
logging	Enable/disable the logging of rule Enable/disable the logging of rule.	boolean	Default: "False"
logical_router_id	Logical router id The logical router id which the nat rule runs on.	string	Readonly
match_destination_network	match destination network IP Address \| CIDR \| (null implies Any)	string
match_service	match service A NSServiceElement that specifies the matching services of source ports, destination ports, ip protocol version and number, sub protocol version and number, ICMP type and code, etc. The match_service can be one of IPProtocolNSService,L4PortSetNSService or ICMPTypeNSService. REFLEXIVE NAT does not support match_service.	NSServiceElement (Abstract type: pass one of the following concrete types) ALGTypeNSService EtherTypeNSService ICMPTypeNSService IGMPTypeNSService IPProtocolNSService L4PortSetNSService
match_source_network	match source network IP Address \| CIDR \| (null implies Any)	string
pb_vpn_mode	The rule how the NAT applies to Policy-Based VPN traffic Indicate how the rule applies to Policy-Based VPN traffic. It's supported only for NAT rule action type DNAT and NO_DNAT. BYPASS indicates that NAT rule is applied to the traffic received on Routed-Based VPN tunnel. EXCLUSIVE indicates that NAT rule is applied to the inbound traffic received on Policy-Based VPN tunnel only.	PbVpnMode	Default: "BYPASS"
resource_type	Must be set to the value NatRule	string
rule_priority	NAT rule priority Ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.	integer	Default: "1024"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
translated_network	IP Address \| IP Range \| CIDR The translated address for the matched IP packet. For a SNAT, it can be a single ip address, an ip range, or a CIDR block. For a DNAT and a REFLEXIVE, it can be a single ip address or a CIDR block. Translated network is not supported for NO_SNAT or NO_DNAT.	string
translated_ports	port number or port range. DNAT only The translated port(s) for the mtached IP packet. It can be a single port or a port range. Please note, port translating is supported only for DNAT.	string

NatRuleList (schema) (Deprecated)

Name	Description	Type	Notes
rules	NAT rules list Add new NatRules to the list in Bulk creation.	array of NatRule	Required Maximum items: 128

NatRuleListResult (schema) (Deprecated)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	NAT rule list results	array of NatRule	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

NatRuleTypeParameter (schema) (Deprecated)

The parameter of getting NAT rules

The parameters for getting NAT rules.

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
rule_type	Action type for getting NAT rules If not specify rule_type, backend returns NAT rule list for IPv4. If specify rule_type to ALL, backend returns all NAT rules list. If specify rule_type to NATv4, backend returns NAT rule list for IPv4. If specify rule_type to NAT64, backend returns NAT rule list for IPv6.	string	Enum: ALL, NATv4, NAT64
sort_ascending		boolean
sort_by	Field by which records are sorted	string

NatStatisticsPerLogicalRouter (schema) (Deprecated)

Name	Description	Type	Notes
last_update_timestamp	Timestamp when the data was last updated; unset if data source has never updated the data.	EpochMsTimestamp	Readonly
logical_router_id	Id for the logical router	string	Required Readonly
per_transport_node_statistics	Detailed per node statistics	array of NatStatisticsPerTransportNode	Readonly
statistics_across_all_nodes	Rolled-up statistics for all rules on the logical router across all the nodes	NatCounters	Required Readonly

NatStatisticsPerRule (schema) (Deprecated)

Name	Description	Type	Notes
active_sessions	Active sessions Provides the current number of active traffic sessions matching the NAT rules.	integer	Readonly
id	The id of the NAT rule.	string	Required Readonly
last_update_timestamp	Timestamp when the data was last updated; unset if data source has never updated the data.	EpochMsTimestamp	Readonly
logical_router_id	The id of the logical router which owns the NAT rule.	string	Required Readonly
total_bytes	Total bytes Provides the total number of bytes processed on the NAT rules since the time the rules were created.	integer	Readonly
total_packets	Total packets Provides the total number of packets processed on the NAT rules since the time the rules were created.	integer	Readonly
warning_message	The warning message about the NAT Rule statistics.	string	Readonly

NiocProfile (schema) (Deprecated)

Profile for Nioc

This profile is created for Network I/O Control(NIOC).

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enabled status of NIOC feature The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true.	boolean	Default: "True"
host_infra_traffic_res	Resource allocation associated with NiocProfile host_infra_traffic_res specifies bandwidth allocation for various traffic resources.	array of ResourceAllocation
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value NiocProfile	HostSwitchProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

NsLookupParameters (schema) (Deprecated)

The parameters of nslookup

The parameters for DNS nslookup.

Name	Description	Type
address	IP address or FQDN for nslookup IP address or FQDN for this lookup	string
server_ip	Target server used for this lookup If absent, the underlying DNS forwarder will be used as the target server. And the answer could be cached by the forwarder if it was not cached yet. If provided, the query will go directly to the given server. You will need to ensure this address represents a workable and reachale DNS server. The answer will not be cached by the forwarder unless this server_ip is exactly the same listener ip of the forwarder.	IPv4Address
source_ip	Source ip used for this lookup Source ip used for this lookup. If absent, the listener ip of the underlying DNS forwarder will be used as the source ip. If provided, you will need to ensure this source ip is valid and can be routed back to the transport node via data plane	IPv4Address

PacketAddressClassifier (schema) (Deprecated)

Address classifications for a packet

A packet is classified to have an address binding, if its address
configuration matches with all user specified properties.

Name	Description	Type
ip_address	A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y	IPElement
mac_address	A single MAC address	MACAddress
vlan		VlanID

PerForwarderStatistics (schema) (Deprecated)

Per-forwarder query statistics counters

Query statistics counters of a forwarder identified by domain names.

Name	Description	Type	Notes
domain_names	Domain names configured for the forwarder Domain names configured for the forwarder. Empty if this is the default forwarder.	array of string	Readonly Minimum items: 0 Maximum items: 100
upstream_statistics	Statistics per upstream server.	array of PerUpstreamServerStatistics	Readonly Minimum items: 0 Maximum items: 3

PerNodeUsedCacheStatistics (schema) (Deprecated)

Per-node used cache query statistics counters

Query statistics counters of used cache from node

Name	Description	Type	Notes
cached_entries	The total number of cached entries	integer	Readonly
node_id	Uuid of active/standby transport node	string	Readonly
used_cache_size	The memory size used in cache, in kb	integer	Readonly

PerUpstreamServerStatistics (schema) (Deprecated)

Per-upstream server query statistics counters

Query statistics counters to an upstream server including successfully
forwarded queries and failed queries.

Name	Description	Type	Notes
queries_failed	Queries failed to forward.	integer	Readonly
queries_succeeded	Queries forwarded successfully	integer	Readonly
upstream_server	Upstream server ip	IPAddress	Readonly

Pnic (schema) (Deprecated)

Physical NIC specification

Name	Description	Type	Notes
device_name	device name or key	string	Required
uplink_name	Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations.	string	Required

PolicyBasedL3VpnSession (schema) (Deprecated)

Policy based L3Vpn Session

A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is
referenced in a policy whose action is set as tunnel.

Name	Description	Type	Notes
resource_type	Must be set to the value PolicyBasedL3VpnSession	L3VpnSessionResourceType	Required
rules	L3Vpn Rules L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action are supported.	array of L3VpnRule

PolicyDHGroup (schema) (Deprecated)

Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared keys between
IPSec VPN initiator and responder over an unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.

Name	Description	Type	Notes
PolicyDHGroup	Diffie-Hellman groups Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group.	string	Deprecated Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16

PolicyIKEDigestAlgorithm (schema) (Deprecated)

Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation.
SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.

Name	Description	Type	Notes
PolicyIKEDigestAlgorithm	Digest Algorithms used in IKE negotiations The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.	string	Deprecated Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

PolicyIKEEncryptionAlgorithm (schema) (Deprecated)

Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of the messages
exchanged during IKE negotiations. AES stands for Advanced Encryption Standards.
AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for
Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to
provide both confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for authentication(GMAC).
AES_GCM algorithms will be available with IKE_V2 version only.
AES_GMAC_128 uses 128-bit keys.
AES_GMAC_192 uses 192-bit keys.
AES_GMAC_256 uses 256-bit keys.

Name	Description	Type	Notes
PolicyIKEEncryptionAlgorithm	Encryption algorithms used in IKE IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128 uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit keys.	string	Deprecated Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

PolicyIKEVersion (schema) (Deprecated)

IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds
to both IKE-V1 and IKE-V2.

Name	Description	Type	Notes
PolicyIKEVersion	IKE version IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.	string	Deprecated Enum: IKE_V1, IKE_V2, IKE_FLEX

PolicyIPAddressInfo (schema) (Deprecated)

IP address information

Used to specify the display name and value of the IPv4Address.

Name	Description	Type	Notes
address_value	Value of the IPv4Address Value of the IPv4Address.	IPv4Address	Required
display_name	Display name of the IPv4Address Display name used to help identify the IPv4Address.	string
next_hop	Next Hop of the IPv4Address Next hop used in auto-plumbing of static route. If a value is not provided, static route will not be auto-plumbed.	IPv4Address

PolicyNiocProfile (schema) (Deprecated)

Profile for Nioc

This profile is created for Network I/O Control(NIOC).

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
children	Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.	array of ChildPolicyConfigResource Children are not allowed for this type
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enabled status of NIOC feature The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true.	boolean	Default: "True"
host_infra_traffic_res	Resource allocation associated with NiocProfile host_infra_traffic_res specifies bandwidth allocation for various traffic resources.	array of PolicyPolicyResourceAllocation
id	Unique identifier of this resource	string	Sortable
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
origin_site_id	A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.	string	Readonly
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
owner_id	A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.	string	Readonly
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remote_path	Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.	string	Readonly
required_capabilities		array of string	Readonly
resource_type	Must be set to the value PolicyNiocProfile	PolicyHostSwitchProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly

PolicyTunnelDigestAlgorithm (schema) (Deprecated)

Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.

Name	Description	Type	Notes
PolicyTunnelDigestAlgorithm	Digest Algorithms used in tunnel establishment The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.	string	Deprecated Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

PolicyTunnelEncryptionAlgorithm (schema) (Deprecated)

Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged
during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses
128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128
and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin
authentication.

Name	Description	Type	Notes
PolicyTunnelEncryptionAlgorithm	Encryption algorithm used in tunnel TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication.	string	Deprecated Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

PortAttacher (schema) (Deprecated)

VM or vmknic entity attached to LogicalPort

Name	Description	Type	Notes
entity	Reference to the attached entity This is a vmknic name if the attacher is vmknic. Otherwise, it is full path of the attached VM's config file	string	Required
host	TransportNode on which the attacher resides	string	Required

PreconfiguredEndpoint (schema) (Deprecated)

Tunnel endpoint configuration of preconfigured host switch

Name	Description	Type	Notes
device_name	Name of the virtual tunnel endpoint	string	Required

PreconfiguredHostSwitch (schema) (Deprecated)

Preconfigured host switch

Preconfigured host switch is used for manually configured transport node.

Name	Description	Type	Notes
endpoints	List of virtual tunnel endpoints which are preconfigured on this host switch	array of PreconfiguredEndpoint	Maximum items: 1
host_switch_id	External Id of the preconfigured host switch.	string	Required
transport_zone_endpoints	Transport zone endpoints. List of TransportZones that are to be associated with specified host switch.	array of TransportZoneEndPoint

PreconfiguredHostSwitchSpec (schema) (Deprecated)

Specification of transport node preconfigured host switch

Preconfigured host switch specification is used for manually configured transport node. It is user's responsibility to ensure correct configuration is provided to NSX. This type is only valid for supported KVM fabric nodes.

Name	Description	Type	Notes
host_switches	Preconfigured Transport Node host switches	array of PreconfiguredHostSwitch	Required Maximum items: 1
resource_type	Must be set to the value PreconfiguredHostSwitchSpec	string	Required Enum: StandardHostSwitchSpec, PreconfiguredHostSwitchSpec

QosBaseRateShaper (schema) (Deprecated)

A shaper configuration entry that specifies type and metrics

This is an abstract type. Concrete child types:
EgressRateShaper
IngressBroadcastRateShaper
IngressRateShaper

Name	Description	Type	Notes
enabled		boolean	Required
resource_type		string	Required Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper Default: "IngressRateShaper"

QosSwitchingProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
class_of_service	Class of service Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic. If the field is not provided during create / update call, a default value is assigned.	int	Minimum: 0 Maximum: 7
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dscp		Dscp
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value QosSwitchingProfile	string	Required
shaper_configuration		array of QosBaseRateShaper (Abstract type: pass one of the following concrete types) EgressRateShaper IngressBroadcastRateShaper IngressRateShaper	Minimum items: 0 Maximum items: 3
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

RateLimits (schema) (Deprecated)

Rate limiting configuration

Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type

Name	Description	Type	Notes
enabled	Whether rate limiting is enabled	boolean	Default: "False"
rx_broadcast	Incoming broadcast traffic limit in packets per second	int	Minimum: 0 Default: "0"
rx_multicast	Incoming multicast traffic limit in packets per second	int	Minimum: 0 Default: "0"
tx_broadcast	Outgoing broadcast traffic limit in packets per second	int	Minimum: 0 Default: "0"
tx_multicast	Outgoing multicast traffic limit in packets per second	int	Minimum: 0 Default: "0"

ResourceAllocation (schema) (Deprecated)

Resource allocation information for a host infrastructure traffic type

Specify limit, shares and reservation for all kinds of traffic.
Values for limit and reservation are expressed in percentage. And for shares,
the value is expressed as a number between 1-100.
The overall reservation among all traffic types should not exceed 75%.
Otherwise, the API request will be rejected.

Name	Description	Type	Notes
limit	Maximum bandwidth percentage The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API.	number	Required Minimum: -1 Maximum: 100 Default: "-1.0"
reservation	Minimum guaranteed bandwidth percentage	number	Required Minimum: 0 Maximum: 75 Default: "0.0"
shares	Shares	int	Required Minimum: 1 Maximum: 100 Default: "50"
traffic_type	Resource allocation traffic type	HostInfraTrafficType	Required

RouteBasedL3VpnSession (schema) (Deprecated)

Route based L3Vpn Session

A Route Based L3Vpn is more flexible, more powerful and recommended over policy based.
IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over
tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using
redundant L3Vpn.

Name	Description	Type	Notes
default_rule_logging	Enable logging for whitelisted rule for the VTI interface Indicates if logging should be enabled for the default whitelisting rule for the VTI interface.	boolean	Default: "False"
force_whitelisting	Flag to add default whitelisting FW rule for the VTI interface. The default firewall rule Action is set to DROP if true otherwise set to ALLOW.	boolean	Default: "False"
resource_type	Must be set to the value RouteBasedL3VpnSession	L3VpnSessionResourceType	Required
tunnel_subnets	Virtual Tunnel Interface (VTI) IP subnets Virtual tunnel interface (VTI) port IP subnets to be used to configure route-based L3Vpn session. A max of one tunnel subnet is allowed.	array of TunnelSubnet	Required Minimum items: 1 Maximum items: 1
routing_config_path	Routing configuration policy path This is a deprecated field. Any specified value is not saved and will be ignored.	string	Deprecated

ServerAuthType (schema) (Deprecated)

server authentication mode

Server authentication could be REQUIRED or IGNORE, it is used to specify
if the server certificate presented to the load balancer during handshake
should be actually validated or not. Validation is disabled by default.
If validation is REQUIRED, then to be accepted, server certificate must be
signed by one of the trusted CAs whose self signed certificates are
specified in the same server-side SSL profile binding.

Name	Description	Type	Notes
ServerAuthType	server authentication mode Server authentication could be REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is disabled by default. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.	string	Deprecated Enum: REQUIRED, IGNORE

ServerSslProfileBinding (schema) (Deprecated)

Name	Description	Type	Notes
certificate_chain_depth	the maximum traversal depth of server certificate chain authentication depth is used to set the verification depth in the server certificates chain.	integer	Minimum: 1 Maximum: 2147483647 Default: "3"
client_certificate_id	client certificate identifier To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding	string
server_auth	server authentication mode	ServerAuthType	Default: "IGNORE"
server_auth_ca_ids	CA identifier list to verify server certificate If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.	array of string
server_auth_crl_ids	CRL identifier list to verify server certificate A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.	array of string
ssl_profile_id	server SSL profile identifier Server SSL profile defines reusable, application-independent server side SSL properties.	string

SessionLoginCredential (schema) (Deprecated)

A login credential specifying session_id

Details of session based login credential to login to server.

Name	Description	Type	Notes
credential_type	Must be set to the value SessionLoginCredential	string	Required
session_id	The session_id to login to server The session_id to login to server.	secure_string
thumbprint	Thumbprint of the login server Thumbprint of the login server.	string

SnatTranslationType (schema) (Deprecated)

Snat translation type

Load balancers may need to perform SNAT to ensure reverse traffic from
the server can be received and processed by them.
There are two modes:
LbSnatAutoMap uses the load balancer interface IP and an
ephemeral port as the source IP and port of the server side connection.
LbSnatIpPool allows user to specify one or more IP addresses
along with their subnet masks that should be used for SNAT while
connecting to any of the servers in the pool.

Name	Description	Type	Notes
SnatTranslationType	Snat translation type Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are two modes: LbSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LbSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool.	string	Deprecated Enum: LbSnatAutoMap, LbSnatIpPool

Snmpv3User (schema) (Deprecated)

SNMP v3 user

This object contains properties for a SNMP v3 user that can be used to receive SNMP traps/notifications from NSX and/or poll NSX nodes over SNMP.

Name	Description	Type	Notes
access	Type of access Access permissions for polling NSX nodes over SNMP v3.	string	Enum: READ_ONLY Default: "READ_ONLY"
auth_password	Authentication password Authentication password used for SNMP v3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for authentication password.	secure_string
priv_password	Privacy password Privacy password used for SNMP v3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for privacy password.	secure_string
security_level	Security level Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value "AUTH_PRIV" indicates both authentication and privacy protocols will be used for SNMP communication.	string	Enum: AUTH_PRIV Default: "AUTH_PRIV"
user_id	User ID Unique SNMP v3 user id.	string	Required Minimum length: 1 Maximum length: 32

SpoofGuardSwitchingProfile (schema) (Deprecated)

SpoofGuard configuration

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
required_capabilities		array of string	Readonly
resource_type	Must be set to the value SpoofGuardSwitchingProfile	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
white_list_providers	List of providers for white listed address bindings.	array of WhiteListProvisionType	Required

StandbyRelocationConfig (schema) (Deprecated)

Standby service contexts relocation setting

Name	Description	Type	Notes
standby_relocation_threshold	Standby service context relocation wait time The time interval (in minutes) to wait before starting the standby service context relocation process. In some cases, the standby relocation trigger may take more time than what is set in threshold because of multiple different reasons, as listed below A. Standby relocation process runs as a background task which poll edge clusters at pre-defined interval of 5 minutes, to check for standby relocation. If during one cycle of standby relocation, an edge is found to be down, and the time remaining to threshold expiry in less then 5 minutes (for example 2 minute), than this relocation will be picked up in next cycle of standby relocation after 5 minutes, and not after 2 minutes. B. If edge becomes down at X time, then edge might take few seconds or minutes for all services to completely go down and report that they are down. So actual time when unified appliance knows edge is down may be X + delta. This delta time adds to the actual standby relocation threshold expiry, and once the [standby relocation threshold time + delta time] is complete for an edge node, and the edge is still down, than the standby relocation task will be performed for this edge node in the next cycle, that may be due to run anytime within next 5 minutes.	integer	Minimum: 10 Maximum: 20000 Default: "30"

StaticIpListSpec (schema) (Deprecated)

IP assignment specification for Static IP List.

Name	Description	Type	Notes
default_gateway	Gateway IP	IPAddress	Required
ip_list	List of IPs for transport node host switch virtual tunnel endpoints	array of IPAddress	Required Maximum items: 32
resource_type	Must be set to the value StaticIpListSpec	string	Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4, FromEsxiVmknic
subnet_mask	Subnet mask	IPAddress	Required

StaticIpMacListSpec (schema) (Deprecated)

IP and MAC assignment specification for Static IP List.

Name	Description	Type	Notes
default_gateway	Gateway IP	IPAddress	Required
ip_mac_list	List of IPs and MACs for transport node host switch virtual tunnel endpoints	array of IpMacPair	Required Maximum items: 32
resource_type	Must be set to the value StaticIpMacListSpec	string	Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4, FromEsxiVmknic
subnet_mask	Subnet mask	IPAddress	Required

StaticIpPoolSpec (schema) (Deprecated)

IP assignment specification for Static IP Pool.

Name	Description	Type	Notes
ip_pool_id		string	Required
resource_type	Must be set to the value StaticIpPoolSpec	string	Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4, FromEsxiVmknic

StaticIpv4MacList (schema) (Deprecated)

IP and MAC assignment specification for Static IP List.

Name	Description	Type	Notes
default_gateway	Gateway IP	IPv4Address	Required
ip_assignment_type	Must be set to the value StaticIpv4MacList	string	Required Enum: StaticIpv4, StaticIpv4Pool, StaticIpv4List, Dhcpv4, StaticIpv6, StaticIpv6Pool, StaticIpv6List, StaticIpv6MacList, StaticIpv4MacList, Dhcpv6, AutoConf, NoAssignment
ip_mac_list	List of IPs and MACs for transport node host switch virtual tunnel endpoints	array of IpMacPair	Required Maximum items: 32
subnet_mask	Subnet mask	IPv4Address	Required

StaticIpv4Pool (schema) (Deprecated)

IP assignment specification for Static IPv4 Pool.

Name	Description	Type	Notes
ip_assignment_type	Must be set to the value StaticIpv4Pool	string	Required Enum: StaticIpv4, StaticIpv4Pool, StaticIpv4List, Dhcpv4, StaticIpv6, StaticIpv6Pool, StaticIpv6List, StaticIpv6MacList, StaticIpv4MacList, Dhcpv6, AutoConf, NoAssignment
ip_pool	Input can be MP ip pool UUID or policy path of IP pool.	string	Required

StaticIpv6MacList (schema) (Deprecated)

IP and MAC assignment specification for Static IPv6 List.

Name	Description	Type	Notes
default_gateway	Gateway IP	IPv6Address	Required
ip_assignment_type	Must be set to the value StaticIpv6MacList	string	Required Enum: StaticIpv4, StaticIpv4Pool, StaticIpv4List, Dhcpv4, StaticIpv6, StaticIpv6Pool, StaticIpv6List, StaticIpv6MacList, StaticIpv4MacList, Dhcpv6, AutoConf, NoAssignment
ip_mac_list	List of IPs and MACs for transport node host switch virtual tunnel endpoints	array of Ipv6MacPair	Required Maximum items: 32
prefix_length	Prefix Length	string	Required

SwitchSecuritySwitchingProfile (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
block_non_ip_traffic	A flag to block all traffic except IP/(G)ARP/BPDU	boolean	Default: "False"
bpdu_filter	Enables or disables BPDU filtering BPDU filtering is enabled by default. A pre-defined list of MAC addresses are automatically excluded from BPDU filtering.	BpduFilter
description	Description of this resource	string	Maximum length: 1024 Sortable
dhcp_filter	Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default	DhcpFilter
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
ra_guard_enabled	Indicates whether ra guard should be enabled RA Guard when enabled blocks unauthorized/rogue Router Advertisement (RA) packets.	boolean	Default: "True"
rate_limits	Allows configuration of rate limits for broadcast and multicast traffic Rate limiting is disabled by default	RateLimits
required_capabilities		array of string	Readonly
resource_type	Must be set to the value SwitchSecuritySwitchingProfile	string	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

SwitchingProfileDeleteParameters (schema) (Deprecated)

Name	Description	Type	Notes
unbind	force unbinding of logical switches and ports from a switching profile	boolean	Default: "False"

SwitchingProfileListParameters (schema) (Deprecated)

Switching profile list parameters

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
include_system_owned	Whether the list result contains system resources	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
switching_profile_type	comma-separated list of switching profile types, e.g. ?switching_profile_type=QosSwitchingProfile,IpDiscoverySwitchingProfile	string

SwitchingProfileStatus (schema) (Deprecated)

Name	Description	Type	Notes
num_logical_ports	Number of logical ports using a switching profile	integer	Required Readonly
num_logical_switches	Number of logical switches using a switching profile	integer	Readonly
switching_profile_id	Identifier for the switching profile	string

SwitchingProfileType (schema) (Deprecated)

Supported switching profiles.

Supported switching profiles.
'PortMirroringSwitchingProfile' is deprecated, please turn to
"Troubleshooting And Monitoring: Portmirroring" and use
PortMirroringSession API for port mirror function.

Name	Description	Type	Notes
SwitchingProfileType	Supported switching profiles. Supported switching profiles. 'PortMirroringSwitchingProfile' is deprecated, please turn to "Troubleshooting And Monitoring: Portmirroring" and use PortMirroringSession API for port mirror function.	string	Deprecated Enum: QosSwitchingProfile, PortMirroringSwitchingProfile, IpDiscoverySwitchingProfile, SpoofGuardSwitchingProfile, SwitchSecuritySwitchingProfile, MacManagementSwitchingProfile, RealTimeEthernetSwitchingProfile

SwitchingProfileTypeIdEntry (schema) (Deprecated)

Name	Description	Type	Notes
key		SwitchingProfileType
value	key value	string	Required

SwitchingProfilesListResult (schema) (Deprecated)

Switching Profile queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Switching Profile Results	array of BaseSwitchingProfile (Abstract type: pass one of the following concrete types) IpDiscoverySwitchingProfile MacManagementSwitchingProfile QosSwitchingProfile SpoofGuardSwitchingProfile SwitchSecuritySwitchingProfile	Required Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

TeamingPolicy (schema) (Deprecated)

Uplink Teaming Policy

Name	Description	Type	Notes
active_list	List of Uplinks used in active list	array of Uplink	Required
policy	Teaming policy	string	Required Enum: FAILOVER_ORDER, LOADBALANCE_SRCID, LOADBALANCE_SRC_MAC
rolling_order	Flag for preemptive mode	boolean
standby_list	List of Uplinks used in standby list	array of Uplink

TransportNodeDeleteParameters (schema) (Deprecated)

Parameters that affect how delete operations are processed

Name	Description	Type	Notes
force	Force delete the resource even if it is being used somewhere If true, deleting the resource succeeds even if it is being referred as a resource reference.	boolean	Default: "False"
unprepare_host	Uninstall NSX components from host while deleting	boolean	Default: "True"

TransportNodeDeploymentProgressState (schema) (Deprecated)

Deployment progress of transport node

Deployment progress state of transport node. Object has current deployment step title and progress in percentage.

Name	Description	Type	Notes
current_step_title	Deployment step title	string	Readonly
progress	Percentage of deployment completed	integer	Readonly

TransportNodeMemberInfo (schema) (Deprecated)

Information about participating transport nodes

Name	Description	Type	Notes
compute_collection_id	Id of the compute collection to which this transport node belongs. Empty if this is standalone transport node or non ESX type node.	string	Readonly
host_switches	List of host switches using the transport zone	array of HostSwitchInfo	Readonly
transport_node_display_name	Display name of the transport node which has one or more host switches which belong to associated transport zone.	string	Readonly
transport_node_id	Id of the transport node which has one or more host switches which belong to associated transport zone.	string	Required Readonly

TransportNodeProfile (schema) (Deprecated)

Transport Node Profile

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
host_switch_spec	Transport node host switch specification The HostSwitchSpec is the base class for standard and preconfigured host switch specifications. Only standard host switches are supported in the transport node profile.	HostSwitchSpec (Abstract type: pass one of the following concrete types) PreconfiguredHostSwitchSpec StandardHostSwitchSpec
id	Unique identifier of this resource	string	Sortable
ignore_overridden_hosts	Determines if cluster-level configuration should be applied on overridden hosts Transport Node Profiles specify the configuration that is applied to all hosts in a cluster. The user has the ability to update the configuration on individual hosts within a cluster which will cause the host configuration to differ from the Transport Node Profile and results in the host to be marked as overridden. If a Transport Node Profile is edited or a new Transport Node Profile is applied on a Transport Node Collection, by default, the host configuration will be overwritten with the Transport Node Profile configuration and the overridden flag will be reset to false. This flag should be used when hosts that are set as overridden should not adopt the Transport Node Profile configuration when it is being updated or a new one is applied to the Transport Node Collection. In other words, when this flag is set to the default value of false and configuration is applied at the cluster level, the configuration will be applied on all hosts regardless if overridden or not. When this flag is set to true, all hosts that are set as overridden, i.e., have been updated invidivually, will be ignored and the cluster-level configuration will not be applied. Note, Transport Node Profiles can be applied on multiple clusters. This field will dictate the behavior followed by all clusters using this Transport Node Profile.	boolean	Default: "False"
resource_type	Must be set to the value TransportNodeProfile	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

TransportNodeProfileListResult (schema) (Deprecated)

Transport Node Profile queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	TransportNodeProfile Results	array of TransportNodeProfile	Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

TransportNodeUpdateParameters (schema) (Deprecated)

Transport node update parameters

Transport node update parameters are mainly used for migrating ESX VMkernel (vmk) interfaces and VM NICs into or out-of logical switches. The 'esx_mgmt_if_migration_dest' and 'if_id' must be used as a pair to migrate vmk interfaces; they can not be used to migrate VM NICs. NSX manager will auto-create logical ports and vif ids for the vmk interfaces when they are used to migrate vmks into logical switches. The 'vnic' and 'vnic_migration_dest' must also be used as a pair; they can be used to migrate both vmk interfaces and VM NICs. When they are used to migrate interfaces into logical switches, logical ports and vif ids must be created in advance because 'vnic_migration_dest' must contain existing vif ids. These two paires can not be specified together.

Name	Description	Type	Notes
esx_mgmt_if_migration_dest	The network ids to which the ESX vmk interfaces will be migrated A comma separated list of network ids. When migrating vmks into logical switches, the ids are the logical switches's ids. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). This property can only used together with 'if_id'.	string
if_id	The ESX vmk interfaces to migrate A comma separated list of vmk interfaces (for example, vmk0,vmk1). This property can only used along with 'esx_mgmt_if_migration_dest'. If all vmk interfaces will be migrated into the same logical switch or DV portgroup, the 'esx_mgmt_if_migration_dest' can be just one logical switch id or DV portgroup name. Otherwise the number of vmks in this list must equal the number of ids in 'esx_mgmt_if_migration_dest' list, and the orders of the two lists are important because the vmks match the network ids one by one in the same order.	string
override_nsx_ownership	Override NSX Ownership Flag indicating whether the NSX ownership constraints (on Managed Objects like Host/Cluster/DVS) should be overridden/bypassed. Note: Overriding/bypassing NSX ownership constraints is not recommended at all. This indicates, you want to use/configure/own certain Managed Objects (like Cluster, Host or DVS) which seem to be already in use/configured/owned by some other NSX instance. This option should be used with caution. It should only be used to come out of situations where: a. The other NSX instance no longer intends to use the Managed Objects (and has already unconfigured NSX configurations) but the ownership still lies with it (incorrectly) and you want those Managed Objects to be used/configured/owned by this NSX instance. b. The other NSX instance has crashed or decommisioned but the ownership still lies with it and you want those Managed Objects to be used/configured/owned by this NSX instance. Enabling this option, while the Managed Objects affected by this operation are actively used by other NSX, can lead to problematic states on both the NSX instances. For example, if a TN is forcefully reconfigured by this NSX instance (using override_nsx_ownership=true), while it was already configured and in use by the other NSX instance, it could corrupt the HostSwitch configurations pushed down by the other NSX instance.	boolean	Default: "False"
ping_ip	IP Addresses to ping right after ESX vmk interfaces were migrated. A comma separated list of IP addresses that match the vmk interfaces given in property 'if_id" or 'vnic' one-by-one in the same order. '0.0.0.0' is a special IP that indicates the pre-migration gateway of the vmk will be pinged post-migration. If a VMK does not need the ping ip or a VM NIC is given inside 'vnic', the ping ip must be skipped but the comma has to stay. For example, '0.0.0.0,,10.1.1.1' indicates the vmk or VM NIC at the 2nd position does not need ping post-migration. Right after all ESX vmk interfaces are migrated, ping packets will be sent through each vmk to its given ping_ip to check if the migraton will break the network connectivity or not. If any vmk_ping fails, the whole migration of all vmks will be rolled back and transport-node will be in failed state.	string
skip_validation	Whether to skip front-end validation for vmk/vnic/pnic migration If this property is set true, all front-end validation for vmk, vnic, and/or pnic migration will be skipped. This is useful when the remote host becomes unreachable as a result of a migration; in which case the front-end validation will always fail because data from the remote host is no longer available. Skipping the validation will allow user to undo the migration by updating the transport node first and then restoring the host network connectivity.	boolean	Default: "False"
vnic	The ESX vmk interfaces and/or VM NIC to migrate A comma separated list of vmk interfaces and/or one VM NIC. Only one VM NIC is allowed in the list; the format must be vmInstanceUuid:DeviceId like '50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. An example list is 'vmk0,vmk1,50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. The property can only be used along with 'vnic_migration_dest'.	string
vnic_migration_dest	The migration destinations of ESX vmk interfaces and/or VM NIC A comma separated list of vif ids, or port group names. When migrating into logical switches, the ids are vif ids in the logical ports created in the logical switches. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). The property can only be used in combination with property 'vnic'. The number of vnic interfaces in 'vnic' must equal the number of vif ids or port-group names in this list. The items in the two lists match by the the order.	string

TransportType (schema) (Deprecated)

Name	Description	Type	Notes
TransportType		string	Deprecated Enum: OVERLAY, VLAN

TransportZone (schema) (Deprecated)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
authorized_vlans	Authorized VLAN ids for this TransportZone This field lists vlan ids allowed on logical network entities, eg. Segments, bridges, etc. created under this transport zone. Can be empty, VLAN id or a range of VLAN ids specified with '-' in between. An empty list allows all vlan ids.	array of string
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
forwarding_mode	The forwarding mode of this transport zone.	ForwardingMode
id	Unique identifier of this resource	string	Sortable
is_default	Flag to indicate if the transport zone is the default one. Only one transport zone can be the default one for a given transport zone type. APIs that need transport zone can choose to use the default transport zone if a transport zone is not given. This is allowed only when the system created default transport zone has the flag is_default set to true for a given transport zone type which is being requested.	boolean	Default: "False"
nested_nsx	Flag to indicate if all transport nodes in this transport zone are connected through nested NSX. This flag should be set to true in nested NSX environment. When the "allow_changing_vdr_mac_in_use" property in the global config object RoutingGlobalConfig is false, this flag can not be changed if this transport zone is OVERLAY and the change will make any transport node in this transport zone to change the VDR MAC used in any host switch. When this flag is true and this transport zone is OVERLAY, all host switches in this transport zone will use the VDR MAC in the "vdr_mac_nested" property in the global config object RoutingGlobalConfig.	boolean	Default: "False"
origin_id	The host switch id generated by the system. This field is populated only if the transport zone was created by NSX system to support security on vSphere Distributed Switch (vDS). The origin_id will refer to the identifier of corresponding vDS from it's parent vCenter server.	string	Readonly
resource_type	Must be set to the value TransportZone	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transport_type	The transport type of this transport zone.	TransportType	Required
transport_zone_profile_ids	Identifiers of the transport zone profiles associated with this TransportZone.	array of TransportZoneProfileTypeIdEntry
uplink_teaming_policy_names	Names of the switching uplink teaming policies that are supported by this transport zone. The names of switching uplink teaming policies that all transport nodes in this transport zone must support. An exception will be thrown if a transport node within the transport zone does not support a named teaming policy. The user will need to first ensure all trasnport nodes support the desired named teaming policy before assigning it to the transport zone. If the field is not specified, the host switch's default teaming policy will be used.	array of string

TransportZoneEndPoint (schema) (Deprecated)

This object associates TransportNode to a certain TransportZone

Specify which HostSwitch from this TransportNode is used handle traffic for given TransportZone

Name	Description	Type	Notes
transport_zone_id	Unique ID identifying the transport zone for this endpoint For MP APIs provide UUID of transport zone. For Policy APIs provide policyPath of transport zone.	string	Required
transport_zone_profile_ids	Identifiers of the transport zone profiles associated with this transport zone endpoint on this transport node. For MP APIs provide UUID of transport zone profiles. For Policy APIs provide policyPath of transport zone profiles.	array of TransportZoneProfileTypeIdEntry

TransportZoneListParameters (schema) (Deprecated)

Transport Zone list parameters

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
display_name	The transport zone's display name If set, all transport zones with matching display name will be returned.	string
include_system_owned	Filter to indicate whether to include system owned Transport Zones.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
is_default	Filter to choose if default transport zones will be returned If set to true, only the default transport zones will be returned. If set to false, all transport zones except the default ones will be returned. If unset, all transport zones will be returned.	boolean
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
transport_type	Filter to choose the type of transport zones to return If set, only transport zones of the given type will be returned; otherwise transport zones of all types will be returned.	TransportType
uplink_teaming_policy_name	The transport zone's uplink teaming policy name All transport zone's with the specified uplink teaming policy name. Otherwise, transport zones with any uplink teaming policy will be returned.	string

TransportZoneListResult (schema) (Deprecated)

Transport zone queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Transport Zone Results	array of TransportZone	Required
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

TransportZoneProfile (schema) (Deprecated)

This is an abstract type. Concrete child types:
BfdHealthMonitoringProfile

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
resource_type	Must be set to the value TransportZoneProfile	string	Required Enum: BfdHealthMonitoringProfile
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

TransportZoneProfileListParameters (schema) (Deprecated)

Transport zone profile list parameters

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
include_system_owned	Whether the list result contains system resources	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
resource_type	comma-separated list of transport zone profile types, e.g. ?resource_type=BfdHealthMonitoringProfile	string
sort_ascending		boolean
sort_by	Field by which records are sorted	string

TransportZoneProfileListResult (schema) (Deprecated)

Transport zone profile queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Transport zone profile results	array of TransportZoneProfile (Abstract type: pass one of the following concrete types) BfdHealthMonitoringProfile	Required Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

TransportZoneProfileType (schema) (Deprecated)

Supported transport zone profiles.

Name	Description	Type	Notes
TransportZoneProfileType	Supported transport zone profiles.	string	Deprecated Enum: BfdHealthMonitoringProfile

TransportZoneProfileTypeIdEntry (schema) (Deprecated)

Name	Description	Type	Notes
profile_id	profile id of the resource type	string	Required
resource_type	Selects the type of the transport zone profile	TransportZoneProfileType

TransportZoneStatus (schema) (Deprecated)

Transport zone runtime status information

Name	Description	Type	Notes
num_logical_ports	Count of logical ports in the transport zone	int	Required Readonly
num_logical_switches	Count of logical switches in the transport zone	int	Required Readonly
num_transport_nodes	Count of transport nodes in the transport zone	int	Required Readonly
transport_node_members	Information about transport nodes which are part of this transport zone	array of TransportNodeMemberInfo	Readonly
transport_zone_id	Unique ID identifying the transport zone	string	Required Readonly

TrunkVlanRange (schema) (Deprecated)

Trunk VLAN id range

Name	Description	Type	Notes
end		VlanID	Required
start		VlanID	Required

TunnelSubnet (schema) (Deprecated)

Name	Description	Type	Notes
ip_addresses	Subnet ip addresses	array of IPv4Address	Required Minimum items: 1 Maximum items: 1
prefix_length	Subnet Prefix Length	integer	Required Minimum: 1 Maximum: 31

UplinkHostSwitchProfile (schema) (Deprecated)

Profile for uplink policies

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
lags	list of LACP group	array of Lag	Maximum items: 64
mtu	Maximum Transmission Unit used for uplinks	int	Minimum: 1280
named_teamings	List of named uplink teaming policies that can be used by logical switches	array of NamedTeamingPolicy	Maximum items: 32
overlay_encap	The protocol used to encapsulate overlay traffic	string	Enum: VXLAN, GENEVE Default: "GENEVE"
required_capabilities		array of string	Readonly
resource_type	Must be set to the value UplinkHostSwitchProfile	HostSwitchProfileType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
teaming	Default TeamingPolicy associated with this UplinkProfile	TeamingPolicy	Required
transport_vlan	VLAN used for tagging Overlay traffic of associated HostSwitch	VlanID	Default: "0"

UsernamePasswordLoginCredential (schema) (Deprecated)

A login credential specifying a username and password

Name	Description	Type	Notes
credential_type	Must be set to the value UsernamePasswordLoginCredential	string	Required
password	The authentication password for login	secure_string
thumbprint	Thumbprint of the login server	string
username	The username for login	string

VdsUplink (schema) (Deprecated)

VMware vSphere Distributed Switch (VDS) uplink/LAG mapping

If Virtual Distributed Switch is used as a HostSwitch to configure TransportNode or TransportNodeProfie, this mapping should be specified. You can either use vds_uplink_name or vds_lag_name to associate with uplink_name from UplinkHostSwitch profile.

Name	Description	Type	Notes
uplink_name	Uplink name from UplinkHostSwitch profile This name is from UplinkHostSwitch profile that is associated with the HostSwitch specified in TransportNode or TransportNodeProfile configuration. This name will be used as an alias to either VDS uplink or lag in other configuration.	string	Required
vds_lag_name	Link Aggregation Group (LAG) name of Virtual Distributed Switch LAG name that is connected to Physical NIC on a host from vSphere.	string
vds_uplink_name	Uplink name of VMware vSphere Distributed Switch (VDS) Uplink name of VDS that is connected to Physical NIC on a host from vSphere.	string

VifAttachmentContext (schema) (Deprecated)

Name	Description	Type	Notes
allocate_addresses	A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch.	string	Enum: IpPool, MacPool, Both, None, Dhcp, DhcpV6, SLAAC
app_id	ID used to identify/look up a child VIF behind a parent VIF An application ID used to identify / look up a child VIF behind a parent VIF. Only effective when vif_type is CHILD.	string
bms_interface_config	Application interface configuration for Bare metal server Indicate application interface configuration for Bare Metal Server. Only effective when vif_type is INDEPENDENT.	AttachedInterface
parent_vif_id	VIF ID of the parent VIF if vif_type is CHILD	string
resource_type	Must be set to the value VifAttachmentContext	string	Required
traffic_tag	Tag used for the traffic between this VIF and parent VIF Current we use VLAN id as the traffic tag. Only effective when vif_type is CHILD. Each logical port inside a container must have a unique traffic tag. If the traffic_tag is not unique, no error is generated, but traffic will not be delivered to any port with a non-unique tag.	int
transport_node_uuid	The UUID of the transport node Only effective when vif_type is INDEPENDENT. Each logical port inside a bare metal server or container must have a transport node UUID. We use transport node ID as transport node UUID.	string
vif_type	Type of the VIF attached to logical port	string	Required Enum: PARENT, CHILD, INDEPENDENT

VlanTrunkSpec (schema) (Deprecated)

VLAN trunk range specification

VlanTrunkspec is used for specifying trunk VLAN id ranges.

Name	Description	Type	Notes
vlan_ranges	Trunk VLAN id ranges	array of TrunkVlanRange	Required

VmknicNetwork (schema) (Deprecated)

Vmknic network specification

Mapping of all vmk interfaces to destination networks

Name	Description	Type	Notes
destination_network	The network id to which the ESX vmk interface will be migrated. When migrating vmks to N-VDS/logical switches, the id is the logical switch id. When migrating out of N-VDS/logical switches, the id is the vSphere Switch portgroup name in a single vSphere Standard Switch (VSS), or distributed virtual portgroup name in a single distributed virtual switch (DVS).	string	Required
device_name	ESX vmk interface name The vmk interface name, e.g., vmk0, vmk1; the id assigned by vCenter.	string	Required

WhiteListProvisionType (schema) (Deprecated)

Ways to provide white listed addresses for SpoofGuard

Name	Description	Type	Notes
WhiteListProvisionType	Ways to provide white listed addresses for SpoofGuard	string	Deprecated Enum: LPORT_BINDINGS

XForwardedForType (schema) (Deprecated)

x-forwarded-for type

Name	Description	Type	Notes
XForwardedForType	x-forwarded-for type	string	Deprecated Enum: INSERT, REPLACE