NSX-T Data Center REST API
ALBAuthToken (type)
{
"description": "Avi Load Balancer Auth Token.",
"id": "ALBAuthToken",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"hours": {
"description": "Hours to validate the token.",
"required": true,
"title": "hours",
"type": "string"
},
"token": {
"description": "Token for Avi Controller.",
"title": "Token for Avi Controller",
"type": "string"
},
"username": {
"description": "Avi controller username.",
"required": true,
"title": "username",
"type": "string"
}
},
"title": "Auth Token",
"type": "object"
}
ALBControllerAdminCredential (type)
{
"description": "Avi Load Balancer Controller admin user credential for validation.",
"id": "ALBControllerAdminCredential",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"password": {
"description": "Password for the Avi Load Balancer Controller admin user.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
}
},
"title": "ALBControllerAdminCredential",
"type": "object"
}
ALBControllerBackupConfiguration (type)
{
"description": "Configuration for Avi Load Balancer Controller remote backup.",
"id": "ALBControllerBackupConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"backup_location": {
"description": "Directory in backup server.",
"required": true,
"title": "Directory in backup server",
"type": "string"
},
"backup_passphrase": {
"description": "Passphrase for in the backup.",
"required": true,
"sensitive": true,
"title": "Passphrase for in the backup",
"type": "secure_string"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"password": {
"description": "Backup server password.",
"required": true,
"sensitive": true,
"title": "Backup server password",
"type": "secure_string"
},
"server_address": {
"$ref": "HostnameOrIPv4Address",
"description": "Backup server address.",
"required": true,
"title": "Backup server address"
},
"server_port": {
"description": "Port number of backup server for SFTP connection.",
"maximum": 65535,
"minimum": 1,
"title": "Port number of backup server",
"type": "integer"
},
"ssh_fingerprint": {
"description": "SSH fingerprint of backup server.",
"pattern": "^SHA256:.*$",
"title": "SSH fingerprint of backup server",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.fingerprint_pattern.message"
},
"username": {
"description": "Backup server username.",
"required": true,
"title": "Backup server username",
"type": "string"
}
},
"title": "ALBControllerBackupConfiguration",
"type": "object"
}
ALBControllerCertificate (type)
{
"description": "Avi Load Balancer Controller portal certificate.",
"id": "ALBControllerCertificate",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"cert": {
"description": "Avi Load Balancer Controller portal certificate or CSR.",
"required": false,
"title": "Avi Load Balancer Controller portal certificate or CSR",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"csr": {
"description": "Avi Load Balancer Controller portal certificate or CSR.",
"required": false,
"title": "Avi Load Balancer Controller portal certificate or CSR",
"type": "string"
},
"name": {
"description": "Name of Avi Load Balancer Controller portal certificate or CSR.",
"required": true,
"title": "Name of Avi Load Balancer Controller portal certificate or CSR",
"type": "string"
}
},
"title": "ALBControllerCertificate",
"type": "object"
}
ALBControllerCertificateCsr (type)
{
"description": "CSR for Avi Load Balancer Controller portal certificate.",
"id": "ALBControllerCertificateCsr",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"algorithm": {
"description": "Algorithm for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Algorithm for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"common_name": {
"description": "Common name for Avi Load Balancer Controller portal certificate.",
"required": true,
"title": "Common name for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"country": {
"description": "Country name for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Country name for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"email": {
"description": "Email for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Email for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"key_size": {
"description": "Key size for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Key size for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"locality": {
"description": "Location or region for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Location or region for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"organization": {
"description": "Organization for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Organization for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"organization_unit": {
"description": "Organization unit for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "Organization unit for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"state_name": {
"description": "State name for Avi Load Balancer Controller portal certificate.",
"required": false,
"title": "State name for Avi Load Balancer Controller portal certificate",
"type": "string"
},
"subject_alt_names": {
"description": "List of SAN for Avi Load Balancer Controller portal certificate.",
"items": {
"type": "string"
},
"required": false,
"title": "List of SAN for Avi Load Balancer Controller portal certificate",
"type": "array"
}
},
"title": "ALBControllerCertificateCsr",
"type": "object"
}
ALBControllerCertificateParameters (type)
{
"additionalProperties": false,
"id": "ALBControllerCertificateParameters",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"ca_only": {
"description": "If set to True, given CA certificate will be added to NSX truststore, no certificate install will be performed on Avi Load Balancer Controller.",
"required": false,
"title": "Add given CA certificate to NSX Truststore",
"type": "boolean"
}
},
"type": "object"
}
ALBControllerClusterInfo (type)
{
"additionalProperties": false,
"description": "Avi Load Balancer Controller cluster information about nodes in the cluster and cluster information.",
"id": "ALBControllerClusterInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"cluster_name": {
"description": "Avi Load Balancer Controller cluster name.",
"readonly": true,
"title": "Avi Load Balancer Controller cluster name",
"type": "string"
},
"cluster_state": {
"description": "Avi Load Balancer Controller cluster state.",
"readonly": true,
"title": "Avi Load Balancer Controller cluster state",
"type": "string"
},
"cluster_uuid": {
"description": "ID of the Cluster maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of the cluster used to recognize it",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"error": {
"$ref": "AlbControllerClusterRuntimeError",
"description": "Avi Load Balancer Controller cluster error information, if any.",
"readonly": true,
"title": "Avi Load Balancer Controller cluster error"
},
"nodes": {
"items": {
"$ref": "ALBControllerNodeInfo"
},
"title": "Avi Load Balancer Controller node information",
"type": "array"
},
"reason": {
"description": "Avi Load Balancer cluster state not STABLE reason.",
"readonly": true,
"title": "Avi Load Balancer cluster state not STABLE reason",
"type": "string"
},
"version": {
"description": "Avi Load Balancer Controller cluster version.",
"readonly": true,
"title": "Avi Load Balancer Controller cluster version",
"type": "string"
},
"virtual_ip": {
"$ref": "IPAddress",
"description": "Avi Load Balancer Controller cluster virtual_ip.",
"readonly": true,
"title": "Avi Load Balancer Controller cluster VIP"
}
},
"title": "Avi Load Balancer Controller cluster info",
"type": "object"
}
ALBControllerClusterNodeVMFormFactor (type)
{
"description": "Specifies the desired \"form factor\" of the node. Affects number of virtual CPUs and/or memory size given to the new cluster node.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE",
"CUSTOM"
],
"id": "ALBControllerClusterNodeVMFormFactor",
"module_id": "PolicyALBControllerDeployment",
"title": "Supported node form factor for Avi Load Balancer Controller",
"type": "string"
}
ALBControllerClusterTrigger (type)
{
"description": "Avi Load Balancer Controller node clustering trigger response.",
"id": "ALBControllerClusterTrigger",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"status": {
"description": "Avi Load Balancer Controller node clustering trigger status.",
"readonly": true,
"title": "Avi Load Balancer Controller node clustering trigger status",
"type": "string"
}
},
"title": "Avi Load Balancer Controller node clustering trigger response",
"type": "object"
}
ALBControllerClusteringParameters (type)
{
"additionalProperties": false,
"description": "Parameters for filtering the Avi Load Balancer Controller clusters.",
"id": "ALBControllerClusteringParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"clustering_id": {
"description": "Id to filter Avi Load Balancer Controllers, if not provided Avi Load Balancer Controllers without clustering Id will be returned.",
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
}
},
"title": "Filtering parameters for Avi Load Balancer Controller clusters",
"type": "object"
}
ALBControllerConfiguration (type)
{
"additionalProperties": false,
"description": "Avi Load Balancer Controller config details.",
"id": "ALBControllerConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"cluster_ip": {
"$ref": "IPAddress",
"description": "The cluster IP of the Avi Load Balancer Controller cluster. This is mandatory parameter and required for single node Avi controller deployments as well.",
"readonly": false,
"required": true,
"title": "Cluster IP of Avi Load Balancer Controller cluster"
},
"default_cert": {
"description": "Is Avi Load Balancer Controller using default portal certificate.",
"enum": [
true,
false
],
"required": false,
"title": "Is Avi Load Balancer Controller using default portal certificate",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address"
},
"required": false,
"title": "DNS servers",
"type": "array"
},
"infra_admin_password": {
"description": "Password for the Avi controller admin user. For deployment, this property is required. The password specified must be at least 8 characters in length.",
"required": true,
"sensitive": true,
"title": "Avi Load Balancer Controller admin password",
"type": "secure_string"
},
"infra_admin_username": {
"description": "Username for server authentication.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address"
},
"required": false,
"title": "NTP servers",
"type": "array"
},
"owned_by": {
"description": "OnBoarding workflow is initiated by VCF/LCM.",
"enum": [
"LCM",
"VCF"
],
"required": true,
"title": "owned_by",
"type": "string"
}
},
"title": "ALBControllerConfiguration",
"type": "object"
}
ALBControllerNodeFormFactor (type)
{
"additionalProperties": false,
"description": "Avi Load Balancer node form factor.",
"id": "ALBControllerNodeFormFactor",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"disk": {
"description": "Disk size of the Avi Load Balancer Controller node in Bytes.",
"readonly": true,
"title": "Disk size of the Avi Load Balancer Controller node in Bytes",
"type": "integer"
},
"memory": {
"description": "Memory size of the Avi Load Balancer Controller node in Bytes.",
"readonly": true,
"title": "Memory size of the Avi Load Balancer Controller node in Bytes",
"type": "integer"
},
"type": {
"$ref": "ALBControllerClusterNodeVMFormFactor",
"description": "Avi Load Balancer Controller node form factor type.",
"readonly": true,
"title": "Avi Load Balancer Controller node form factor type"
},
"vcpu": {
"description": "Number of virtual cpus on the Avi Load Balancer Controller node.",
"readonly": true,
"title": "Number of virtual cpus on the Avi Load Balancer Controller node",
"type": "integer"
}
},
"title": "Avi Load Balancer Controller node form factor",
"type": "object"
}
ALBControllerNodeFormFactorParameters (type)
{
"additionalProperties": false,
"description": "parameters for Avi Load Balancer Controller Form Factors.",
"id": "ALBControllerNodeFormFactorParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"alb_major_version": {
"description": "Major release version of Avi Load Balancer Controller for which form factor details will be returned.",
"title": "Major release version of Avi Load Balancer Controller for which form factor details will be returned.",
"type": "string"
}
},
"title": "Filtering parameters for Avi Load Balancer Controller Form Factors.",
"type": "object"
}
ALBControllerNodeFormFactors (type)
{
"id": "ALBControllerNodeFormFactors",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"form_factors": {
"items": {
"$ref": "ALBControllerNodeFormFactor"
},
"title": "Avi Load Balancer Controller form factor list",
"type": "array"
}
},
"title": "Avi Load Balancer Controller form factors list result",
"type": "object"
}
ALBControllerNodeInfo (type)
{
"description": "Avi Load Balancer Controller node information like node IP and node name.",
"id": "ALBControllerNodeInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"is_dhcp": {
"description": "Avi Load Balancer Controller node IP configuration is static or DHCP.",
"readonly": true,
"title": "Is DHCP based IP assignment",
"type": "boolean"
},
"node_ip": {
"$ref": "IPAddress",
"description": "Avi Load Balancer Controller node IP.",
"readonly": true,
"title": "Avi Load Balancer Controller node IP"
},
"node_name": {
"description": "Avi Load Balancer Controller node name.",
"readonly": true,
"title": "Avi Load Balancer Controller node name",
"type": "string"
},
"node_role": {
"description": "Avi Load Balancer Controller node role in cluster.",
"readonly": true,
"title": "Avi Load Balancer Controller node role",
"type": "string"
},
"node_start_time": {
"$ref": "EpochMsTimestamp",
"description": "Avi Load Balancer Controller node start time in its local timezone.",
"readonly": true,
"title": "Avi Load Balancer Controller node start time"
},
"node_state": {
"description": "Avi Load Balancer Controller node current state in the cluster.",
"readonly": true,
"title": "Avi Load Balancer Controller node state",
"type": "string"
},
"vm_id": {
"description": "ID of the node maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of node used to recognize it",
"type": "string"
}
},
"title": "Information for Avi Load Balancer Controller nodes",
"type": "object"
}
ALBControllerNodeParameters (type)
{
"additionalProperties": false,
"description": "Parameters for listing the Avi Load Balancer Controller nodes.",
"id": "ALBControllerNodeParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"clustering_id": {
"description": "Id to filter Avi Load Balancer Controllers, if not provided Avi Load Balancer Controllers without clustering Id will be returned.",
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"state": {
"description": "If state is pending then pending requests for Avi Load Balancer Controller nodes are shown. If state is deployed then deployed requests for Avi Load Balancer Controller nodes are shown. else show all the Avi Load Balancer Controller deployment requests.",
"enum": [
"DEPLOYED",
"PENDING"
],
"title": "The current state of the Avi Load Balancer Controller node deployment",
"type": "string"
}
},
"title": "List parameters for Avi Load Balancer Controller nodes",
"type": "object"
}
ALBControllerNodeUserSettings (type)
{
"additionalProperties": false,
"id": "ALBControllerNodeUserSettings",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"admin_password": {
"description": "Password for the Avi controller admin user. For deployment, this property is required. The password specified must be at least 8 characters in length and should match Avi Controller password strength requirements.",
"required": true,
"sensitive": true,
"title": "Avi Load Balancer Controller admin password",
"type": "secure_string"
},
"admin_ssh_key": {
"description": "To configure ssh into the Avi Load Balancer Controller, this property is required.",
"required": false,
"title": "Admin User SSH key",
"type": "string"
}
},
"type": "object"
}
ALBControllerNodeVMClusterConfig (type)
{
"description": "Contains the cluster configuration for Avi Load Balancer Controller.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ALBControllerNodeVMClusterConfig",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_ip": {
"$ref": "IPAddress",
"description": "The cluster IP of the Avi Load Balancer Controller node cluster. This is mandatory parameter and required for single node controller deployments as well.",
"readonly": false,
"required": true,
"title": "Cluster IP of Avi Load Balancer Controller cluster"
},
"cluster_name": {
"description": "The cluster name of the Avi Load Balancer Controller cluster.",
"readonly": false,
"required": false,
"title": "Cluster name of Avi Load Balancer Controller cluster",
"type": "string"
},
"cluster_uuid": {
"description": "ID of the Cluster maintained internally. This is different from cluster_uuid internal to Avi Load Balancer Controller. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of the Avi Load Balancer Controller cluster used to recognize it",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Info for Avi Load Balancer Controller cluster configuration",
"type": "object"
}
ALBControllerNodeVMDeletionParameters (type)
{
"description": "Parameters for deletion of a Avi Load Balancer Controller node.",
"id": "ALBControllerNodeVMDeletionParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"force_delete": {
"description": "If true, the Avi Load Balancer Controller node will be undeployed even if it cannot be removed from its cluster.",
"title": "Delete by force",
"type": "boolean"
},
"inaccessible": {
"description": "If inaccessible is provided along with force_delete and if this is the last Avi Load Balancer Controller node in the cluster then deployment request will be deleted from NSX even if Policy objects are present.",
"title": "Delete when controller is inaccessible",
"type": "string"
}
},
"title": "Parameters for deleting a deployed Avi Load Balancer Controller",
"type": "object"
}
ALBControllerNodeVMDeploymentConfig (type)
{
"abstract": true,
"description": "Information used to configure the Avi Load Balancer Controller node.",
"id": "ALBControllerNodeVMDeploymentConfig",
"module_id": "PolicyALBControllerDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the Avi Load Balancer Controller node.",
"enum": [
"AlbControllerVsphereClusterNodeVmDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
}
},
"title": "Configuration for deploying Avi Load Balancer Controller node",
"type": "object"
}
ALBControllerNodeVMDeploymentProgressState (type)
{
"description": "Deployment progress state of Avi Load Balancer Controller node. This Object contains name of current deployment step and overall progress percentage.",
"id": "ALBControllerNodeVMDeploymentProgressState",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"current_step_title": {
"description": "Name of the current running step of deployment.",
"readonly": true,
"required": false,
"title": "Name of the current step",
"type": "string"
},
"progress": {
"description": "Overall progress percentage of deployment completed.",
"readonly": true,
"required": false,
"title": "Progress percentage",
"type": "integer"
}
},
"title": "Deployment progress of Avi Load Balancer Controller node",
"type": "object"
}
ALBControllerNodeVMDeploymentRequest (type)
{
"additionalProperties": false,
"description": "Contains the deployment information for a Avi Load Balancer Controller node.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ALBControllerNodeVMDeploymentRequest",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"deployment_config": {
"$ref": "ALBControllerNodeVMDeploymentConfig",
"description": "Deployment information and basic configuration for the Avi Load Balancer Controller.",
"required": true,
"title": "Deployment config for Avi Load Balancer Controller node"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"form_factor": {
"$ref": "ALBControllerClusterNodeVMFormFactor",
"default": "MEDIUM",
"description": "Specifies the desired \"form factor\" of the node.",
"required": false,
"title": "Form factor for Avi Load Balancer Controller"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sddc_manager": {
"$ref": "HostnameOrIPv4Address",
"description": "FQDN or IP of SDDC Manager for VCF workflow.",
"required": false,
"title": "FQDN or IP of SDDC Manager for VCF workflow"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"user_settings": {
"$ref": "ALBControllerNodeUserSettings",
"description": "SSH key and password for the Avi Load Balancer Controller cluster. Note: SSH key settings will be honored only during node deployment.",
"required": true,
"sensitive": true,
"title": "User settings for the node"
},
"vm_id": {
"description": "ID of the node maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"required": false,
"title": "ID of Avi Load Balancer Controller node used to recognize it",
"type": "string"
}
},
"title": "Info for Avi Load Balancer Controller node deployment request",
"type": "object"
}
ALBControllerNodeVMDeploymentRequestList (type)
{
"additionalProperties": false,
"description": "List of Avi Load Balancer Controller Deployment Requests.",
"extends": {
"$ref": "ListResult"
},
"id": "ALBControllerNodeVMDeploymentRequestList",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"clustering_id": {
"description": "Id to filter Avi Load Balancer Controllers, if not provided Avi Load Balancer Controllers without clustering Id will be returned.",
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of Avi Load Balancer Controller Deployment Requests.",
"items": {
"$ref": "ALBControllerNodeVMDeploymentRequest"
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ALBControllerNodeVMDeploymentRequest list",
"type": "object"
}
ALBControllerNodeVMDeploymentStatusReport (type)
{
"description": "Contains up-to-date information relating to Avi Load Balancer Controller node, including its status and (potentially) an error message.",
"id": "ALBControllerNodeVMDeploymentStatusReport",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"deployment_progress_state": {
"$ref": "ALBControllerNodeVMDeploymentProgressState",
"description": "Detailed progress state of Avi Load Balancer Controller node deployment realization.",
"readonly": true,
"required": false,
"title": "Deployment progress state of node"
},
"failure_code": {
"description": "In case of auto-deployment-related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case of auto-deployment-related failure, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the addition or deletion of an auto-deployed Avi Load Balancer Controller node.",
"enum": [
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"VM_POWER_ON_SUCCESSFUL",
"VM_REGISTRATION_IN_PROGRESS",
"VM_REGISTRATION_SUCCESSFUL",
"VM_REGISTRATION_FAILED",
"VM_WAITING_TO_COME_ONLINE",
"VM_ONLINE_FAILED",
"VM_CONFIGURATION_IN_PROGRESS",
"VM_CONFIGURATION_SUCCESSFUL",
"VM_CONFIGURATION_FAILED",
"VM_CLUSTERING_QUEUED",
"VM_CLUSTERING_IN_PROGRESS",
"VM_CLUSTERING_SUCCESSFUL",
"VM_CLUSTERING_FAILED",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"WAITING_TO_UNDEPLOY_VM",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"UNKNOWN_STATE"
],
"required": true,
"title": "Auto-deployed Avi Load Balancer Controller node deployment status",
"type": "string"
}
},
"title": "Status report of Avi Load Balancer Controller node deployment",
"type": "object"
}
ALBControllerNodeVMUpdateParameters (type)
{
"description": "Parameters for updating Avi Load Balancer Controller node password, DNS and NTP related configuration",
"id": "ALBControllerNodeVMUpdateParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"running_config": {
"description": "If true, then the configuration will be updated in the running Avi Load Balancer Controllers as well.",
"title": "Update Avi Load Balancer Controller runtime config as well",
"type": "boolean"
}
},
"title": "Parameters for updating Avi Load Balancer Controller request",
"type": "object"
}
ALBControllerSystemConfiguration (type)
{
"description": "Avi Load Balancer Controller System Configuration.",
"id": "ALBControllerSystemConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"backup_server_config": {
"$ref": "ALBControllerBackupConfiguration",
"description": "Backup server configuration for Avi Load Balancer Controller.",
"required": false,
"title": "Backup server configuration for Avi Load Balancer Controller"
},
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address"
},
"required": false,
"title": "DNS servers",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address"
},
"required": false,
"title": "NTP servers",
"type": "array"
}
},
"title": "ALBControllerSystemConfiguration",
"type": "object"
}
ALBControllerSystemConfigurationResponse (type)
{
"description": "Avi Load Balancer Controller node system configuration update response.",
"id": "ALBControllerSystemConfigurationResponse",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"status": {
"description": "Avi Load Balancer Controller node system configuration update status.",
"readonly": true,
"title": "Avi Load Balancer Controller node system configuration update status",
"type": "string"
}
},
"title": "Avi Load Balancer Controller node system configuration update response",
"type": "object"
}
ALBControllerUserCredential (type)
{
"description": "Avi Load Balancer Controller user credentials.",
"id": "ALBControllerUserCredential",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"clustering_id": {
"description": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"password": {
"description": "Password for user credential object.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"user_credential_type": {
"description": "Type of user credential.",
"enum": [
"CONTROLLER_ADMIN_USER_CREDENTIAL",
"VCENTER_SERVICE_USER_CREDENTIAL",
"NSX_SERVICE_USER_CREDENTIAL",
"NSXT_ALB_REMOTE_BACKUP_CREDENTIAL"
],
"required": true,
"title": "Type of user credential",
"type": "string"
},
"username": {
"description": "Username for the credential object.",
"required": true,
"title": "Username",
"type": "string"
}
},
"title": "ALBControllerServiceUserCredential",
"type": "object"
}
ALBControllerUserCredentialDeleteParameters (type)
{
"additionalProperties": false,
"description": "Parameters for deleting user credentials from the Avi Load Balancer Controller.",
"id": "ALBControllerUserCredentialDeleteParameters",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"clustering_id": {
"description": "Id to filter Avi Load Balancer Controllers.",
"title": "Unique Id for Avi Load Balancer Controller Cluster used in VCF managed NSX",
"type": "string"
},
"user_credential_type": {
"description": "Type of user credential.",
"enum": [
"VCENTER_SERVICE_USER_CREDENTIAL",
"NSX_SERVICE_USER_CREDENTIAL"
],
"required": true,
"title": "Type of user credential",
"type": "string"
}
},
"title": "ALBControllerUserCredentialDeleteParameters",
"type": "object"
}
ALBControllerUserCredentialResponse (type)
{
"description": "Avi Load Balancer Controller user credential response.",
"id": "ALBControllerUserCredentialResponse",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"user_credential_type": {
"description": "Type of user credential.",
"enum": [
"CONTROLLER_ADMIN_USER_CREDENTIAL",
"VCENTER_SERVICE_USER_CREDENTIAL",
"NSX_SERVICE_USER_CREDENTIAL",
"NSXT_ALB_REMOTE_BACKUP_CREDENTIAL"
],
"required": true,
"title": "Type of user credential",
"type": "string"
},
"username": {
"description": "Username for the user credential object.",
"required": true,
"title": "Username",
"type": "string"
}
},
"title": "ALBControllerUserCredentialResponse",
"type": "object"
}
ALBEnforcementPointState (type)
{
"description": "Valid ENUM values for ALBEnforcementPointState",
"enum": [
"ACTIVATE",
"DEACTIVATE_PROVIDER",
"DEACTIVATE_API"
],
"id": "ALBEnforcementPointState",
"module_id": "PolicyEnforcementPointManagement",
"title": "Enforcement point state for ALB",
"type": "string"
}
ALGTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement"
},
"id": "ALGTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "ALGTypeNSService"
},
"properties": {
"alg": {
"description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead.",
"enum": [
"ORACLE_TNS",
"FTP",
"SUN_RPC_TCP",
"SUN_RPC_UDP",
"MS_RPC_TCP",
"MS_RPC_UDP",
"NBNS_BROADCAST",
"NBDG_BROADCAST",
"TFTP"
],
"required": true,
"title": "The Application Layer Gateway (ALG) protocol",
"type": "string"
},
"destination_ports": {
"items": {
"$ref": "PortElement"
},
"maxItems": 15,
"minItems": 1,
"required": true,
"title": "The destination_port cannot be empty and must be a single value.",
"type": "array"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
},
"source_ports": {
"items": {
"$ref": "PortElement"
},
"maxItems": 15,
"required": false,
"title": "Source ports",
"type": "array"
}
},
"title": "An NSService element that represents an ALG protocol",
"type": "object"
}
ALGTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry"
},
"id": "ALGTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ALGTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alg": {
"description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead.",
"enum": [
"ORACLE_TNS",
"FTP",
"SUN_RPC_TCP",
"SUN_RPC_UDP",
"MS_RPC_TCP",
"MS_RPC_UDP",
"NBNS_BROADCAST",
"NBDG_BROADCAST",
"TFTP"
],
"required": true,
"title": "The Application Layer Gateway (ALG) protocol",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_ports": {
"items": {
"$ref": "PortElement"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "The destination_port cannot be empty and must be a single value.",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"source_ports": {
"items": {
"$ref": "PortElement"
},
"maxItems": 15,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An ServiceEntry that represents an ALG protocol",
"type": "object"
}
AbstractSpace (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents the space in which the policy is being defined.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "AbstractSpace",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "The space in which policy is being defined",
"type": "object"
}
AcceptableComponentVersion (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VersionList"
},
"id": "AcceptableComponentVersion",
"module_id": "VersionWhitelist",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptable_versions": {
"items": {
"type": "string"
},
"required": true,
"title": "List of component versions",
"type": "array"
},
"component_type": {
"enum": [
"HOST",
"EDGE",
"CCP",
"MP"
],
"required": true,
"title": "Node type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AcceptableComponentVersionList (type)
{
"additionalProperties": false,
"id": "AcceptableComponentVersionList",
"module_id": "VersionWhitelist",
"properties": {
"results": {
"items": {
"$ref": "AcceptableComponentVersion"
},
"required": true,
"title": "Acceptable version whitelist for different components",
"type": "array"
}
},
"type": "object"
}
Action (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Reaction Action is the action to take when the stipulated criteria specified in the event exist over the source. Some example actions include: - Notify Admin (or VMC's SRE) via email. - Populate a specific label with the IPSec VPN Session. - Remove the IPSec VPN Session from a specific label.",
"id": "Action",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Reaction Action",
"type": "object"
}
ActionRequest (type)
{
"additionalProperties": false,
"id": "ActionRequest",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"description": "Action required to be performed on intent",
"title": "Action to be performed",
"type": "string"
}
},
"title": "Action request object",
"type": "object"
}
ActionableResource (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "ActionableResource",
"module_id": "ClusterRestore",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"format": "hostname-or-ip",
"required": false,
"title": "A resource reference on which actions can be performed",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address of the current node",
"format": "hostname-or-ip",
"required": false,
"title": "ipv6 address",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Resources managed during restore process",
"type": "object"
}
ActionableResourceListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ActionableResourceListRequestParameters",
"module_id": "ClusterRestore",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"instruction_id": {
"required": true,
"title": "Id of the instruction set whose instructions are to be returned",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActionableResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ActionableResourceListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ActionableResource"
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActiveDirectoryIdentitySource (type)
{
"description": "An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T.",
"extends": {
"$ref": "LdapIdentitySource"
},
"id": "ActiveDirectoryIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"type-identifier": "ActiveDirectoryIdentitySource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"group_cache_ttl": {
"default": 60,
"description": "NSX keeps a cache of Active Directory group membership for groups that have a configured NSX role, in order to speed up authentication. The cache will be refreshed after the time-to-live has expired. Until the cache is refreshed, any new groups added to Active Directory will not be visible to NSX. By default, the cached is refreshed once per minute.",
"title": "Group cache time-to-live, in seconds",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer"
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resolve_nested_groups": {
"default": true,
"description": "If true, NSX will recursively find all groups that the user belongs to, even if the groups are nested. This can perform slowly for users who are in many deeply nested groups. You can disable this option to improve performance, but only the groups that directly contain the user will be considered for access control decisions.",
"title": "Resolve nested groups",
"type": "boolean"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An Active Directory identity source service",
"type": "object"
}
ActiveStandbySyncStatus (type)
{
"id": "ActiveStandbySyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Description of the status.",
"type": "string"
},
"full_sync_status": {
"$ref": "FullSyncStatus",
"required": true,
"title": "Status of full sync."
},
"is_data_consistent": {
"required": true,
"title": "Indicates whether the data is consistent. Always returned as true when queried on an active Global Manager node.",
"type": "boolean"
},
"percentage_completed": {
"required": false,
"title": "Percentage estimate of synchronization progress. Ranges from 0 to 100. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"remaining_entries_to_send": {
"required": false,
"title": "Number of entries pending synchronization. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"standby_site": {
"required": true,
"title": "Name of standby site.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"NOT_STARTED"
],
"required": true,
"title": "Status of synchronization between active and standby Global Manager nodes.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"DELTA_SYNC",
"FULL_SYNC"
],
"required": true,
"title": "Type of synchronization currently in effect between active and standby Global Manager nodes.",
"type": "string"
}
},
"type": "object"
}
AddALBControllerNodeVMInfo (type)
{
"description": "Contains a list of Avi Load Balancer Controller node deployment requests.",
"id": "AddALBControllerNodeVMInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"deployment_requests": {
"description": "Avi Load Balancer Controller deployment requests to be deployed by NSX.",
"items": {
"$ref": "ALBControllerNodeVMDeploymentRequest"
},
"minItems": 1,
"required": true,
"title": "List of deployment requests",
"type": "array"
}
},
"title": "Info for AddALBControllerNodeVM",
"type": "object"
}
AddClusterNodeAction (type)
{
"id": "AddClusterNodeAction",
"module_id": "ClusterManagement",
"properties": {
"action": {
"enum": [
"add_cluster_node"
],
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
AddClusterNodeSpec (type)
{
"id": "AddClusterNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"controller_role_config": {
"$ref": "AddControllerNodeSpec"
},
"display_name": {
"title": "Display name for the node",
"type": "string"
},
"external_id": {
"readonly": false,
"title": "External identifier of the node",
"type": "string"
},
"mgr_role_config": {
"$ref": "AddManagementNodeSpec"
}
},
"type": "object"
}
AddClusterNodeVMInfo (type)
{
"description": "Contains a list of cluster node VM deployment requests and optionally a clustering configuration.",
"id": "AddClusterNodeVMInfo",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"clustering_config": {
"$ref": "ClusteringConfig",
"deprecated": true,
"description": "This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided.",
"required": false,
"title": "Configuration for auto-clustering of VMs post-deployment"
},
"deployment_requests": {
"description": "Cluster node VM deployment requests to be deployed by the Manager.",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest"
},
"minItems": 1,
"required": true,
"title": "List of deployment requests",
"type": "array"
}
},
"title": "Info for AddClusterNodeVM",
"type": "object"
}
AddControllerNodeSpec (type)
{
"additionalProperties": false,
"id": "AddControllerNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"clustering_params": {
"$ref": "ClusteringInfo",
"description": "The details of the controller node required for cluster initialization or joining to an existing cluster. If this property is set, the node will be added to an existing cluster or used to create a new cluster. Otherwise no clustering operation/s will be performed.",
"required": false,
"title": "Clustering parameters for the node"
},
"control_plane_server_certificate": {
"deprecated": true,
"description": "Deprecated. Do not supply a value for this property.",
"type": "string"
},
"host_msg_client_info": {
"$ref": "MsgClientInfo",
"required": true
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo",
"required": true
},
"node_id": {
"description": "Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id.",
"required": false,
"title": "Internal identifier of the node",
"type": "string"
},
"type": {
"enum": [
"AddControllerNodeSpec"
],
"readonly": false,
"required": true,
"title": "must be set to AddControllerNodeSpec",
"type": "string"
}
},
"type": "object"
}
AddIdsCustomSignatureActionParameter (type)
{
"additionalProperties": false,
"id": "AddIdsCustomSignatureActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"action": {
"description": "Action to add custom signatures.",
"enum": [
"ADD_CUSTOM_SIGNATURES"
],
"required": true,
"title": "Action to add custom signatures",
"type": "string"
}
},
"title": "Action parameter to add custom signatures",
"type": "object"
}
AddManagementNodeSpec (type)
{
"additionalProperties": false,
"id": "AddManagementNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"cert_thumbprint": {
"readonly": false,
"title": "The certificate thumbprint of the remote node.",
"type": "string"
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo"
},
"password": {
"readonly": false,
"required": true,
"sensitive": true,
"title": "The password to be used to authenticate with the remote node.",
"type": "secure_string"
},
"remote_address": {
"$ref": "IPAddress",
"readonly": false,
"required": true,
"title": "The host address of the remote node to which to send this join request."
},
"type": {
"enum": [
"AddManagementNodeSpec"
],
"readonly": false,
"required": true,
"title": "must be set to AddManagementNodeSpec",
"type": "string"
},
"user_name": {
"readonly": false,
"required": true,
"title": "The username to be used to authenticate with the remote node.",
"type": "string"
}
},
"type": "object"
}
AdditionalMetadata (type)
{
"additionalProperties": false,
"id": "AdditionalMetadata",
"module_id": "SecurityLicenseUsage",
"properties": {
"edge_number_of_edge_node_cpu_cores": {
"description": "Telemetry info about the 'edge_number_of_edge_node_cpu_cores'",
"readonly": true,
"title": "Number of Edge node cores",
"type": "string"
},
"host_number_of_host_node_cpu_cores": {
"description": "Telemetry info about the 'host_number_of_host_node_cpu_cores'",
"readonly": true,
"title": "Number of Host node cores",
"type": "string"
},
"intelligence_deployed": {
"description": "Telemetry info about the 'k8s_deployed'",
"readonly": true,
"title": "intelligence deployed",
"type": "string"
},
"license_edition_type": {
"description": "Telemetry info about the 'license_edition_type'",
"items": {
"type": "string"
},
"readonly": true,
"title": "license edition types",
"type": "array"
},
"license_key": {
"description": "Telemetry info about the 'license_key'",
"items": {
"type": "string"
},
"readonly": true,
"title": "license keys",
"type": "array"
},
"max_raw_core_count_per_host": {
"readonly": true,
"title": "Max raw cores count found on host.",
"type": "string"
},
"max_raw_core_count_per_socket": {
"readonly": true,
"title": "Max raw cores per socket count found on host.",
"type": "string"
},
"max_socket_count_per_host": {
"readonly": true,
"title": "Max socket count found on host.",
"type": "string"
},
"mps_number_of_dfw_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_dfw_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of dfw ids rules with custom mps profiles",
"type": "string"
},
"mps_number_of_gateway_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_gateway_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of gateway ids rules with custom mps profiles",
"type": "string"
},
"mps_total_number_of_profiles": {
"description": "Telemetry info about the 'mps_total_number_of_profiles'",
"readonly": true,
"title": "Total number of mps custom and default profiles.",
"type": "string"
},
"napp_appliance_version": {
"description": "Telemetry info about the 'napp_appliance_version'",
"readonly": true,
"title": "napp version",
"type": "string"
},
"nsx_deployment_id": {
"description": "Telemetry info about the 'deployment_id'",
"readonly": true,
"title": "deployment id",
"type": "string"
},
"nsx_manager_version": {
"description": "Telemetry info about the 'version'",
"readonly": true,
"title": "nsx manager version",
"type": "string"
},
"nsx_site_id": {
"description": "NSX default site id.",
"readonly": true,
"title": "nsx site id",
"type": "string"
},
"nta_enabled": {
"description": "true if value of any one of \"nta_detectorstate_*\" events in SSP telemetry is enabled. Does not show if unable to get events.",
"readonly": true,
"required": false,
"title": "nta enabled",
"type": "string"
},
"num_edge_baremetal_at_minimum_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 8-24 cores.",
"type": "string"
},
"num_edge_baremetal_at_recommended_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 25-80 cores.",
"type": "string"
},
"num_edge_large_factor": {
"readonly": true,
"title": "Number of edges with 8 cores.",
"type": "string"
},
"num_edge_medium_factor": {
"readonly": true,
"title": "Number of edges with 4 cores.",
"type": "string"
},
"num_edge_small_factor": {
"readonly": true,
"title": "Number of edges with 2 cores.",
"type": "string"
},
"num_edge_xlarge_factor": {
"readonly": true,
"title": "Number of edges with 16 cores.",
"type": "string"
},
"number_of_dfw_rules": {
"description": "Telemetry info about the 'number_of_dfw_rules'",
"readonly": true,
"title": "number of dfw rules",
"type": "string"
},
"number_of_firewall_rules": {
"description": "Telemetry info about the 'number_of_firewall_rules'",
"readonly": true,
"title": "number of firewall rules",
"type": "string"
},
"number_of_ids_gateway_rules": {
"description": "Telemetry info about the 'number_of_ids_gateway_rules'",
"readonly": true,
"title": "number of ids gateway rules",
"type": "string"
},
"number_of_ids_security_policies": {
"description": "Telemetry info about the 'number_of_ids_security_policies'",
"readonly": true,
"title": "number of ids security policies",
"type": "string"
},
"number_of_nsgroups": {
"description": "Telemetry info about the 'number_of_nsgroup'",
"readonly": true,
"title": "number of NSGroup",
"type": "string"
},
"number_of_prepared_hosts": {
"description": "Telemetry info about the 'number_of_prepared_hosts'",
"readonly": true,
"title": "number of prepared hosts",
"type": "string"
},
"number_of_tier_0_gateways": {
"description": "Telemetry info about the 'tier0_gateways'",
"readonly": true,
"title": "number of tier 0 gateways",
"type": "string"
},
"number_of_tier_1_gateways": {
"description": "Telemetry info about the 'tier1_gateways'",
"readonly": true,
"title": "count of number of vms used by this feature",
"type": "string"
},
"number_of_virtual_machines": {
"description": "Telemetry info about the 'number_of_virtual_machines'",
"readonly": true,
"title": "number of virtual machines",
"type": "string"
},
"recommendation_sessions_total": {
"description": "Telemetry info about the 'recommendation_sessions_total'",
"readonly": true,
"title": "recommendation sessions total",
"type": "string"
},
"total_firewall_ipfix_profiles": {
"description": "Telemetry info about the 'total_firewall_ipfix_profiles'",
"readonly": true,
"title": "total firewall ipfix profiles",
"type": "string"
}
},
"type": "object"
}
AdditionalSearchParameters (type)
{
"additionalProperties": false,
"description": "This object presents additional search capabilities over any API through free text query string. e.g. query=\"Web-VM-1\".",
"experimental": true,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "AdditionalSearchParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dsl": {
"description": "It's human readable and context-based query language for retreiving information from search indices. For example: Find router where ip is 10.10.1.10",
"required": false,
"title": "Search DSL (domain specific language) query",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"query": {
"required": false,
"title": "Search query",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Represents search object that provides additional search capabilities",
"type": "object"
}
AddressBindingEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "An address binding entry is a combination of the IP-MAC-VLAN binding for a logical port. The address bindings can be obtained via various methods like ARP snooping, DHCP snooping etc. or by user configuration.",
"id": "AddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier",
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"source": {
"$ref": "AddressBindingSource",
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Combination of IP-MAC-VLAN binding",
"type": "object"
}
AddressBindingSource (type) (Deprecated)
{
"deprecated": true,
"enum": [
"INVALID",
"UNKNOWN",
"USER_DEFINED",
"ARP_SNOOPING",
"DHCP_SNOOPING",
"VM_TOOLS",
"ND_SNOOPING",
"DHCPV6_SNOOPING",
"VM_TOOLS_V6"
],
"id": "AddressBindingSource",
"module_id": "LogicalPort",
"title": "Source from which the address binding is obtained",
"type": "string"
}
AddressFamilyType (type)
{
"additionalProperties": false,
"enum": [
"IPV4_UNICAST",
"VPNV4_UNICAST",
"IPV6_UNICAST",
"L2VPN_EVPN"
],
"id": "AddressFamilyType",
"module_id": "Routing",
"title": "Type of Address Family",
"type": "string"
}
Addresses (type)
{
"additionalProperties": false,
"id": "Addresses",
"module_id": "PolicyVpcSubnetStatistics",
"properties": {
"ip": {
"$ref": "IPAddress",
"required": true
},
"mac": {
"$ref": "MACAddress",
"required": true
}
},
"title": "IP and MAC address",
"type": "object"
}
AdvanceClusterRestoreInput (type)
{
"id": "AdvanceClusterRestoreInput",
"module_id": "ClusterRestore",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Unique id of an instruction (as returned by the GET /restore/status\ncall) for which input is to be provided\n",
"type": "string"
},
"resources": {
"items": {
"$ref": "SelectableResourceReference"
},
"required": true,
"title": "List of resources for which the instruction is applicable.",
"type": "array"
}
},
"type": "object"
}
AdvanceClusterRestoreRequest (type)
{
"id": "AdvanceClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"data": {
"items": {
"$ref": "AdvanceClusterRestoreInput"
},
"required": true,
"title": "List of instructions and their associated data",
"type": "array"
}
},
"type": "object"
}
AdvanceServiceConfig (type)
{
"additionalProperties": false,
"description": "Contain optional configuration for deployment.",
"id": "AdvanceServiceConfig",
"module_id": "PolicyCloudNative",
"properties": {
"kubectl_tool": {
"desciption": "Filename of uploaded Kubernetes tools. Advanced\nconfiguraion option on UI has option to deploy\nKubernetes tools. User need to get this file from\nVMware website. File will contain kubectl binary,\nhelm binary and signature to verify them.\n",
"readonly": true,
"title": "Filename of uploaded Kubernetes tools",
"type": "string"
},
"messaging_service_name": {
"description": "FQDN to access kafka messaging service pod.",
"title": "Messaging service FQDN",
"type": "string"
},
"service_name": {
"description": "FQDN to access deployment pod.",
"title": "Service FQDN",
"type": "string"
}
},
"title": "Advanced deployment configuration",
"type": "object"
}
AdvancedConfig (type)
{
"extends": {
"$ref": "HighPerformanceConfig"
},
"id": "AdvancedConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ADV_CONFIG"
},
"properties": {
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams"
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "These are advanced configuration options.",
"type": "object"
}
AdvertiseRule (type)
{
"additionalProperties": false,
"id": "AdvertiseRule",
"module_id": "Routing",
"properties": {
"action": {
"default": "ALLOW",
"description": "ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router.",
"enum": [
"DENY",
"ALLOW"
],
"required": false,
"title": "Action to ALLOW or DENY advertisement of routes",
"type": "string"
},
"description": {
"maxLength": 1024,
"required": false,
"title": "Description",
"type": "string"
},
"display_name": {
"maxLength": 255,
"required": false,
"title": "Display name",
"type": "string"
},
"networks": {
"items": {
"$ref": "IPCIDRBlock"
},
"required": true,
"title": "network(CIDR) to be routed",
"type": "array"
},
"rule_filter": {
"$ref": "AdvertisementRuleFilter",
"required": false,
"title": "Rule filter for the advertise rule"
}
},
"type": "object"
}
AdvertiseRuleList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "AdvertiseRuleList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"default": [],
"items": {
"$ref": "AdvertiseRule"
},
"minItems": 0,
"required": false,
"title": "List of advertisement rules",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AdvertisedNetworkCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord"
},
"id": "AdvertisedNetworkCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"network": {
"description": "Advertised network address.",
"readonly": true,
"required": true,
"title": "Advertised Network",
"type": "string"
},
"rule_filter_type": {
"description": "Advertised rule filter type",
"readonly": true,
"required": false,
"title": "Advertised rule filter type",
"type": "string"
},
"status": {
"description": "advertisement status of network to connected gateway SUCCESS - network route successfully plumbed on target gateway DENIED_BY_TARGET_GATEWAY - network denied by target gateway because of in filter rules or missing inter vrf config",
"readonly": true,
"required": false,
"title": "Advertisement status of network",
"type": "string"
}
},
"type": "object"
}
AdvertisedNetworksListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "AdvertisedNetworksListRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Advertised networks list parameters",
"type": "object"
}
AdvertisementConfig (type)
{
"additionalProperties": false,
"description": "Advertisement config for different types of routes which need to be advertised from TIER1 logical router to the linked TIER0 logical router",
"extends": {
"$ref": "ManagedResource"
},
"id": "AdvertisementConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advertise_dns_forwarder": {
"default": false,
"description": "Flag to advertise all routes of dns forwarder listener ips and source ips",
"required": false,
"title": "Advertise dns forwarder ips",
"type": "boolean"
},
"advertise_ipsec_local_ip": {
"default": false,
"description": "Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router",
"required": false,
"title": "Advertise IPSec VPN local endpoint ips",
"type": "boolean"
},
"advertise_lb_snat_ip": {
"default": false,
"description": "Flag to advertise all lb SNAT ips",
"required": false,
"title": "Advertise lb SNAT ips",
"type": "boolean"
},
"advertise_lb_vip": {
"default": false,
"description": "Flag to advertise lb vip ips",
"required": false,
"title": "Advertise lb vip ips",
"type": "boolean"
},
"advertise_nat_routes": {
"default": false,
"description": "Flag to advertise all routes of nat",
"required": false,
"title": "Advertise NAT routes",
"type": "boolean"
},
"advertise_nsx_connected_routes": {
"default": false,
"description": "Flag to advertise all connected routes",
"required": false,
"title": "Advertise connected routes",
"type": "boolean"
},
"advertise_static_routes": {
"default": false,
"description": "Flag to advertise all static routes",
"required": false,
"title": "Advertise static routes",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Flag to enable this configuration",
"required": false,
"title": "Enable advertisement",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"description": "TIER1 logical router id on which to enable this configuration",
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Advertisement config",
"type": "object"
}
AdvertisementRuleFilter (type)
{
"additionalProperties": false,
"description": "To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.",
"id": "AdvertisementRuleFilter",
"module_id": "Routing",
"properties": {
"match_route_types": {
"items": {
"$ref": "AdvertisementRuleFilterRouteType"
},
"minItems": 1,
"required": true,
"title": "Array of route types to filter routes",
"type": "array"
},
"prefix_operator": {
"default": "GE",
"description": "GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule.",
"enum": [
"GE",
"EQ"
],
"required": true,
"title": "Prefix operator to apply on networks",
"type": "string"
}
},
"type": "object"
}
AdvertisementRuleFilterRouteType (type)
{
"additionalProperties": false,
"description": "Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.",
"enum": [
"ANY",
"STATIC",
"T1_STATIC",
"NSX_CONNECTED",
"T1_CONNECTED",
"T1_NAT",
"T1_LB_VIP",
"T1_LB_SNAT",
"T1_DNSFORWARDER",
"T1_IPSEC_LOCAL_IP"
],
"id": "AdvertisementRuleFilterRouteType",
"module_id": "Routing",
"title": "Route types to filter TIER1 LR advertised routes",
"type": "string"
}
AgentResource (type)
{
"id": "AgentResource",
"module_id": "Heatmap",
"properties": {
"cpu_usage": {
"description": "The Agent's share of the elapsed CPU time since the last screen update, expressed as a percentage of total CPU time.",
"title": "CPU Usage",
"type": "number"
},
"memory_total": {
"description": "Total available memory in kilobytes.",
"title": "Total available memory",
"type": "integer"
},
"memory_used": {
"description": "Used memory in kilobytes.",
"title": "Used memory",
"type": "integer"
}
},
"type": "object"
}
AgentStatus (type)
{
"id": "AgentStatus",
"module_id": "Heatmap",
"properties": {
"components": {
"description": "List of agent subcomponent statuses",
"items": {
"$ref": "AgentSubStatus"
},
"title": "agent subcomponent statuses",
"type": "array"
},
"health_metrics": {
"description": "Periodically collected critical health metrics.",
"items": {
"$ref": "ComponentHealthMetric"
},
"title": "Health metrics of components",
"type": "array"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp",
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"name": {
"enum": [
"NSX_AGENT",
"NSX_OPSAGENT",
"NSX_CFGAGENT",
"NSX_NESTDB",
"NSX_EXPORTER",
"NSX_VDPI",
"NSX_VDL2",
"NSX_SWSEC",
"NSX_OBSRV",
"NSX_KCP",
"NSX_FC",
"NSX_VSWITCH",
"NSX_VDR",
"NSX_ENS",
"NSX_PROXY",
"NSX_PLATFORM_CLIENT",
"NSX_SHA"
],
"title": "Agent name",
"type": "string"
},
"resource_usage": {
"$ref": "AgentResource",
"description": "Periodically collected critical resource usage including memory usage.",
"title": "Resource usage of this agent"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN",
"DEGRADED"
],
"title": "Agent status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
}
},
"type": "object"
}
AgentStatusCount (type)
{
"additionalProperties": false,
"id": "AgentStatusCount",
"module_id": "Heatmap",
"properties": {
"agents": {
"description": "List of agent statuses belonging to the transport node",
"items": {
"$ref": "AgentStatus"
},
"title": "NSX agents status",
"type": "array"
},
"degraded_count": {
"title": "Degraded count",
"type": "int"
},
"down_count": {
"title": "Down count",
"type": "int"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp",
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"smartnic_agents": {
"description": "List of Smartnic agent statuses",
"items": {
"$ref": "SmartnicAgentStatus"
},
"title": "NSX smartnic agents status",
"type": "array"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN",
"DEGRADED"
],
"title": "Roll-up agent status",
"type": "string"
},
"up_count": {
"title": "Up count",
"type": "int"
}
},
"type": "object"
}
AgentSubStatus (type)
{
"id": "AgentSubStatus",
"module_id": "Heatmap",
"properties": {
"name": {
"title": "Agent subcomponent name",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"title": "Agent subcomponent status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
}
},
"type": "object"
}
AggregateDNSForwarderStatistics (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder statistics across enforcement points.",
"id": "AggregateDNSForwarderStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"statistics_per_enforcement_point": {
"description": "List of DNS forwarder statistics per enforcement point.",
"items": {
"$ref": "DNSForwarderStatisticsPerEnforcementPoint"
},
"readonly": true,
"title": "List of DNS forwarder statistics per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder statistics",
"type": "object"
}
AggregateDNSForwarderStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder status across enforcement points.",
"id": "AggregateDNSForwarderStatus",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"status_per_enforcement_point": {
"description": "List of DNS forwarder status per enforcement point.",
"items": {
"$ref": "DNSForwarderStatusPerEnforcementPoint"
},
"readonly": true,
"title": "List of DNS forwarder status per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder status",
"type": "object"
}
AggregateIPSecVpnSessionStatistics (type)
{
"additionalProperties": false,
"description": "Provides the following details for an IPSec VPN session across all enforcement points: - Aggregated statistics of all IPSec tunnels. - Aggregated statistics of all IPSec tunnels under a policy. - Individual tunnel statistics under a policy. - Alarm information details. - VPN session name. - IKE status summary. Note: IKE traffic statistics are not supported.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateIPSecVpnSessionStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "For every enforcement point, it lists the aggregated IPSec tunnel statistics, policy statistics, IKE status summary, VPN session name and any associated alarm details.",
"items": {
"$ref": "IPSecVpnSessionStatisticsPerEP",
"title": "IPSec VPN Session Statistics per Enforcement Point"
},
"readonly": true,
"title": "List of IPSec VPN session statistics per enforcement point",
"type": "array"
}
},
"title": "Aggregate of IPSec VPN session statistics",
"type": "object"
}
AggregateIPSecVpnSessionStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of IPSec VPN Session Status across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateIPSecVpnSessionStatus",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of IPSec VPN Session Status per Enforcement Point.",
"items": {
"$ref": "IPSecVpnSessionStatusPerEP",
"title": "IPSec VPN Session Status per Enforcement Point"
},
"readonly": true,
"title": "List of IPSec VPN Session Status per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of IPSec VPN Session Status",
"type": "object"
}
AggregateL2VPNSessionPeerConfig (type)
{
"additionalProperties": false,
"description": "Aggregate of L2VPN Session peer config across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateL2VPNSessionPeerConfig",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of L2VPN Session peer config per Enforcement Point.",
"items": {
"$ref": "L2VPNSessionPeerConfigPerEP"
},
"readonly": true,
"title": "List of L2VPN Session Peer config per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of L2VPN Session Peer Config",
"type": "object"
}
AggregateL2VPNSessionStatistics (type)
{
"additionalProperties": false,
"description": "Provides the following details for L2VPN sessions across all enforcement points: - Traffic statistics of an L2VPN tunnel. - Traffic statistics of all L2VPN stretched segment ports. - Alarm information details. - L2VPN session name.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateL2VPNSessionStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "For every enforcement point, it lists the VPN session name, alarm details, and statistics of L2VPN tunnels and L2VPN segments.",
"items": {
"$ref": "L2VPNSessionStatisticsPerEP",
"title": "L2VPN Session Statistics per Enforcement Point"
},
"readonly": true,
"title": "List of L2VPN session statistics per enforcement point",
"type": "array"
}
},
"title": "Aggregate of L2VPN session statistics",
"type": "object"
}
AggregateL2VPNSessionStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of L2VPN Session Status across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateL2VPNSessionStatus",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of L2VPN Session Status per Enforcement Point.",
"items": {
"$ref": "L2VPNSessionStatusPerEP",
"title": "L2VPN Session Status per Enforcement Point"
},
"readonly": true,
"title": "List of L2VPN Session Status per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of L2VPN Session Status",
"type": "object"
}
AggregateL2VpnSessionRemoteMac (type)
{
"additionalProperties": false,
"description": "Aggregate of L2Vpn session remote mac across enforcement points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateL2VpnSessionRemoteMac",
"module_id": "PolicyVPNStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"l2vpn_session_remote_macs": {
"descripton": "List of L2Vpn session remote mac per Enforcement Point.\n",
"items": {
"$ref": "L2VpnSessionRemoteMacPerEP"
},
"readonly": true,
"title": "List of L2Vpn Session remote mac",
"type": "array"
}
},
"title": "Aggregate of L2Vpn Session Remote Mac",
"type": "object"
}
AggregateLBNodeCapacitySummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBNodeCapacitySummary",
"module_id": "PolicyVpcLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBNodeCapacitySummary list results.",
"items": {
"$ref": "LBNodeCapacitySummary",
"title": "LBNodeCapacitySummary"
},
"readonly": true,
"title": "LBNodeCapacitySummary list results",
"type": "array"
}
},
"title": "Aggregate of LBNodeCapacitySummary across Enforcement Points.",
"type": "object"
}
AggregateLBNodeUsageSummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBNodeUsageSummary",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBNodeUsageSummary list results.",
"items": {
"$ref": "LBNodeUsageSummary",
"title": "LBNodeUsageSummary"
},
"readonly": true,
"title": "LBNodeUsageSummary list results",
"type": "array"
}
},
"title": "Aggregate of LBNodeUsageSummary across Enforcement Points.",
"type": "object"
}
AggregateLBPoolStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBPoolStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBPoolStatisticsPerEP list results.",
"items": {
"$ref": "LBPoolStatisticsPerEP",
"title": "LBPoolStatisticsPerEP"
},
"readonly": true,
"title": "LBPoolStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBPoolStatisticsPerEP",
"type": "object"
}
AggregateLBPoolStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBPoolStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBPoolStatusPerEP list results.",
"items": {
"$ref": "LBPoolStatusPerEP",
"title": "LBPoolStatusPerEP"
},
"readonly": true,
"title": "LBPoolStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBPoolStatusPerEP",
"type": "object"
}
AggregateLBServiceStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBServiceStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceStatisticsPerEP list results.",
"items": {
"$ref": "LBServiceStatisticsPerEP",
"title": "LBServiceStatisticsPerEP"
},
"readonly": true,
"title": "LBServiceStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBServiceStatisticsPerEP",
"type": "object"
}
AggregateLBServiceStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBServiceStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceStatusPerEP list results.",
"items": {
"$ref": "LBServiceStatusPerEP",
"title": "LBServiceStatusPerEP"
},
"readonly": true,
"title": "LBServiceStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBServiceStatusPerEP",
"type": "object"
}
AggregateLBServiceUsage (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBServiceUsage",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceUsagePerEP list results.",
"items": {
"$ref": "LBServiceUsagePerEP",
"title": "LBServiceUsagePerEP"
},
"readonly": true,
"title": "LBServiceUsagePerEP list results",
"type": "array"
}
},
"title": "Aggregate of LBServiceUsagePerEP across Enforcement Points.",
"type": "object"
}
AggregateLBVirtualServerStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBVirtualServerStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBVirtualServerStatisticsPerEP list results.",
"items": {
"$ref": "LBVirtualServerStatisticsPerEP",
"title": "LBVirtualServerStatisticsPerEP"
},
"readonly": true,
"title": "LBVirtualServerStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBVirtualServerStatisticsPerEP",
"type": "object"
}
AggregateLBVirtualServerStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "AggregateLBVirtualServerStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBVirtualServerStatusPerEP list results.",
"items": {
"$ref": "LBVirtualServerStatusPerEP",
"title": "LBVirtualServerStatusPerEP"
},
"readonly": true,
"title": "LBVirtualServerStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBVirtualServerStatusPerEP",
"type": "object"
}
AggregatePolicyDnsAnswer (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder nslookup answer across enforcement points.",
"id": "AggregatePolicyDnsAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"dns_answer_per_enforcement_point": {
"description": "List of DNS forwarder nslookup answer per enforcement point.",
"items": {
"$ref": "PolicyDnsAnswerPerEnforcementPoint"
},
"readonly": true,
"title": "List of DNS forwarder nslookup answer per enforcement point",
"type": "array"
},
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
}
},
"title": "Aggregate of DNS forwarder nslookup answer",
"type": "object"
}
AggregatePolicyRuntimeInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.",
"id": "AggregatePolicyRuntimeInfo",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
}
},
"title": "Aggregate of PolicyRuntimeInfoPerEP",
"type": "object"
}
AggregateTunnelTrafficStatistics (type)
{
"description": "Provides aggregated traffic statistics of a given tunnel resource type.",
"id": "AggregateTunnelTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "GreTunnelAggregateTrafficStatistics - Resource type as GreTunnelAggregateTrafficStatistics will be used to populate P2P GRE Aggregate Tunnel traffic statistics",
"enum": [
"GreTunnelAggregateTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
}
},
"title": "Aggregate Tunnel Traffic Statistics object",
"type": "object"
}
AggregatedDataCounter (type)
{
"id": "AggregatedDataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"rx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedDataCounterEx (type)
{
"extends": {
"$ref": "AggregatedDataCounter"
},
"id": "AggregatedDataCounterEx",
"module_id": "AggSvcL2Types",
"properties": {
"distributed_dhcp_server_packets": {
"$ref": "DistributedDhcpServerPackets",
"readonly": true,
"required": false
},
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters",
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity",
"readonly": true,
"required": false
},
"mac_learning": {
"$ref": "MacLearningCounters",
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedFeatureDetailListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AggregatedFeatureDetailListResult",
"module_id": "PolicyFeatureFlags",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AggregatedFeatureStateDetails"
},
"required": true,
"title": "AggregatedFeatureStateDetail list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AggregatedFeatureStateDetail",
"type": "object"
}
AggregatedFeatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AggregatedFeatureListResult",
"module_id": "PolicyFeatureFlags",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AggregatedFeatureState"
},
"required": true,
"title": "AggregatedFeatureState list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AggregatedFeatureState",
"type": "object"
}
AggregatedFeatureState (type)
{
"additionalProperties": false,
"description": "Feature state aggregating both feature flag and license information",
"id": "AggregatedFeatureState",
"module_id": "PolicyFeatureFlags",
"properties": {
"feature_name": {
"required": true,
"title": "feature name",
"type": "string"
},
"state": {
"enum": [
"INCOMPATIBLE",
"DISABLED_AND_UNLICENSED",
"ENABLED_ONLY",
"LICENSED_ONLY",
"ENABLED_AND_LICENSED"
],
"required": true,
"title": "Aggregated feature state",
"type": "string"
}
},
"title": "Aggregated Feature State",
"type": "object"
}
AggregatedFeatureStateDetails (type)
{
"additionalProperties": false,
"description": "Feature state aggregating both feature flag and license information including API details",
"id": "AggregatedFeatureStateDetails",
"module_id": "PolicyFeatureFlags",
"properties": {
"apis": {
"description": "The list of APIs included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "APIs in feature",
"type": "array"
},
"attributes": {
"description": "The list of DTO attributes included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "DTO attributes in feature",
"type": "array"
},
"enum_values": {
"description": "The list of DTO attribute enum values included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "DTO attribute enums in feature",
"type": "array"
},
"feature_name": {
"required": true,
"title": "feature name",
"type": "string"
},
"state": {
"enum": [
"INCOMPATIBLE",
"DISABLED_AND_UNLICENSED",
"ENABLED_ONLY",
"LICENSED_ONLY",
"ENABLED_AND_LICENSED"
],
"required": true,
"title": "Aggregated feature state",
"type": "string"
}
},
"title": "Aggregated Feature State Details",
"type": "object"
}
AggregatedLogicalRouterPortCounters (type)
{
"description": "Provides the following aggregated information of the logical router ports: - <b>Incoming packet counters</b> on the logical router ports. It includes the total number of packets received, dropped, and the number of errors and failures causing the drops. The counters are from the time the logical router port was created. The interface statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. - <b>Outgoing packet counters</b> on the logical router ports. It includes the total number of packets sent, dropped, and the number of errors and failures causing the drops. The counters are from the time logical router port was created. The logical router port statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. - Some of the packet drop reasons include, the DAD (Duplicate Address Detection) status of the IP is not in ASSIGNED state, firewall rules, failed to fragment the packet, receive malformed packet, could not find route to destination, absence of the receiver, insufficient memory, incomplete ARP resolution of the next-hop, RPF check failure, failed to redirect packet to KNI interface, TTL exceeded, port does not have a linked peer port and and unsupported - destination, protocol or L4 port. - Some of the IPSec packet drop reasons include the missing security association or VTI interface. It also includes packets dropped due to policy lookup error or block policy. - Provides the total number of service-insertion, KNI, non-IP and IPv6 packets dropped.",
"id": "AggregatedLogicalRouterPortCounters",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"rx": {
"$ref": "LogicalRouterPortCounters",
"description": "Provides the aggregated incoming packet counters on the logical router port. It includes the total number of packets received, dropped, and the number of errors and failures causing the drops. The counters are from the time the logical router port was created. The statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node.",
"readonly": true,
"required": false,
"title": "Packets in statistics"
},
"tx": {
"$ref": "LogicalRouterPortCounters",
"description": "Provides the aggregated outcoming packet counters on the logical router port. It includes the total number of packets sent, dropped, and the number of errors and failures causing the drops. The counters are from the time the logical router port was created. The statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node.",
"readonly": true,
"required": false,
"title": "Packets out statistics"
}
},
"title": "Aggregate of logical router port statistics",
"type": "object"
}
Alarm (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "Alarm",
"module_id": "Monitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarm_source": {
"description": "If alarm_source_type = INTENT_PATH, this field will contain a list of intent paths for the entity that the event instance applies to. If alarm_source_type = ENTITY_ID, this field will contain a list with a single item identifying the entity id that the event instance applies to.",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Source identifying entity that the Event instance applies to\n",
"type": "array",
"uniqueItems": true
},
"alarm_source_type": {
"$ref": "AlarmSourceType",
"description": "Type of alarm source of the Event instance. Can be one of - INTENT_PATH, ENTITY_ID.",
"readonly": true,
"required": true,
"title": "Alarm Source type of the Event"
},
"description": {
"description": "Detailed description of Alarm. This is the same detailed description as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Detailed description of Alarm",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entity_id": {
"description": "The entity that the Event instance applies to. Note entity_id may not be included in a response body. For example, the cpu_high Event may not return an entity_id.",
"readonly": true,
"title": "The UUID of the entity that the Event instance applies to",
"type": "string"
},
"entity_resource_type": {
"description": "The entity type that the Event instance applies to.",
"readonly": true,
"title": "The type of entity that the Event instance applies to",
"type": "string"
},
"event_tags": {
"description": "Tags applicable to event, for example, INFRASTRUCTURE or INTELLIGENCE.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Tags applicable to the event",
"type": "array"
},
"event_type": {
"description": "Name of Event, e.g. manager_cpu_usage_high, certificate_expired.",
"readonly": true,
"required": true,
"title": "Name of event",
"type": "string"
},
"event_type_display_name": {
"description": "Display name of Event type.",
"readonly": true,
"required": true,
"title": "Display name of event type",
"type": "string"
},
"feature_display_name": {
"description": "Display name of feature defining this Event.",
"readonly": true,
"required": true,
"title": "Display name of feature",
"type": "string"
},
"feature_name": {
"description": "Feature defining this Event, e.g. manager_health, certificates.",
"readonly": true,
"required": true,
"title": "Feature defining this event",
"type": "string"
},
"id": {
"description": "ID that uniquely identifies an Alarm.",
"readonly": true,
"required": true,
"title": "ID that uniquely identifies an Alarm",
"type": "string"
},
"kb_article": {
"description": "KB article link that contains more information on this alarm and recommended actions. Users can refer to the specified link if needed.",
"readonly": true,
"title": "Link to knowledge base article",
"type": "string"
},
"last_reported_time": {
"$ref": "EpochMsTimestamp",
"description": "Indicates when the corresponding Event instance was last reported in milliseconds since epoch.",
"readonly": true,
"title": "Last reported time of event instance"
},
"node_display_name": {
"description": "Display name of node that the event instance applies to.",
"readonly": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"description": "The UUID of the node that the Event instance applies to.",
"readonly": true,
"required": true,
"title": "The UUID of the node that the Event instance applies to",
"type": "string"
},
"node_ip_addresses": {
"description": "IP addresses of node that the event instance applies to.",
"items": {
"type": "string"
},
"readonly": true,
"title": "IP addresses of node",
"type": "array"
},
"node_resource_type": {
"description": "The resource type of node that the Event instance applies to eg. ClusterNodeConfig, TransportNode.",
"readonly": true,
"title": "The resource type of node that the Event instance applies to",
"type": "string"
},
"recommended_action": {
"description": "Recommended action for Alarm. This is the same action as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Recommended action for Alarm",
"type": "string"
},
"reoccurrences_while_suppressed": {
"description": "The number of reoccurrences since this alarm has been SUPPRESSED.",
"readonly": true,
"title": "The number of reoccurrences since this alarm has been SUPPRESSED",
"type": "integer"
},
"resolved_by": {
"description": "User ID of the user that set the status value to RESOLVED. This value can be SYSTEM to indicate that the system resolved the Alarm, for example when the system determines CPU usage is no longer high and the cpu_high Alarm is no longer applicable. This property is only returned when the status value is RESOLVED.",
"readonly": true,
"title": "User ID of the user that set the status value to RESOLVED",
"type": "string"
},
"resolved_time": {
"$ref": "EpochMsTimestamp",
"description": "Indicates when the Alarm was resolved in milliseconds since epoch. This property is only returned when the status value is RESOLVED.",
"readonly": true,
"title": "Time when Alarm was resolved"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_data": {
"description": "Runtime data for Alarm. When an alarming condition occurs, there may be additional data of interest when triaging the underlying issue, for example, output from system commands captured at the time of the error. Note, the contents of this property are not localized.",
"readonly": true,
"title": "Runtime data for Alarm",
"type": "string"
},
"severity": {
"$ref": "MonitoringSeverity",
"description": "Severity of the Alarm.Can be one of - CRITICAL, HIGH, MEDIUM, LOW.",
"readonly": true,
"required": true,
"title": "Severity of the Alarm"
},
"status": {
"$ref": "MonitoringStatus",
"description": "Indicate the status which the Alarm is in.",
"required": true,
"title": "Status of the Alarm"
},
"summary": {
"description": "Summary description of Alarm. This is the same summary description as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Summary description of Alarm",
"type": "string"
},
"suppress_duration": {
"description": "The time period between suppress_start_time and suppress_start_time + suppress_duration (specified in hours) an Alarm is SUPPRESSED. This property is only returned when the status value is SUPPRESSED.",
"title": "Duration in hours for which an Alarm is SUPPRESSED",
"type": "integer"
},
"suppress_start_time": {
"$ref": "EpochMsTimestamp",
"description": "Indicates when the Alarm was suppressed in milliseconds since epoch. This property is only returned when the status value is SUPPRESSED.",
"readonly": true,
"title": "Time when Alarm was suppressed"
},
"suppressed_by": {
"description": "User ID of the user that set the status value to SUPPRESSED. This property is only returned when the status value is SUPPRESSED.",
"readonly": true,
"title": "User ID of the user that set the status value to SUPPRESSED",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AlarmFilterParameter (type)
{
"id": "AlarmFilterParameter",
"module_id": "Monitoring",
"properties": {
"after": {
"$ref": "EpochMsTimestamp",
"description": "Filter to fetch alarms after the specified time.",
"required": false,
"title": "Filter to fetch alarms after the specified time"
},
"before": {
"$ref": "EpochMsTimestamp",
"description": "Filter to fetch alarms before the specified time.",
"required": false,
"title": "Filter to fetch alarms before the specified time"
},
"cursor": {
"description": "Opaque cursor to be used for getting next page of records (supplied by current result page).",
"readonly": false,
"required": false,
"title": "Cursor for pagination",
"type": "string"
},
"event_tag": {
"description": "Specify tags for which alarms should be filtered, for example, INFRASTRUCTURE or INTELLIGENCE.",
"required": false,
"title": "Event tag",
"type": "string"
},
"event_type": {
"description": "Specify one or more event types for which alarms should be filtered.",
"required": false,
"title": "Event Type Filter",
"type": "string"
},
"feature_name": {
"description": "Specify one or more feature names for which alarms should be filtered.",
"required": false,
"title": "Feature Name",
"type": "string"
},
"id": {
"description": "Specify one or more alarm IDs for which alarms should be filtered.",
"required": false,
"title": "Alarm ID",
"type": "string"
},
"intent_path": {
"description": "Specify one or more intent paths for which alarms should be filtered.",
"required": false,
"title": "Intent Path for entity ID",
"type": "string"
},
"node_id": {
"description": "Specify one or more node IDs for which alarms should be filtered.",
"required": false,
"title": "Node ID",
"type": "string"
},
"node_resource_type": {
"description": "Specify one or more node resource types for which alarms should be filtered.",
"required": false,
"title": "Node Resource Type",
"type": "string"
},
"org": {
"description": "Specify Org ID for which alarms should be filtered.",
"required": false,
"title": "Org ID",
"type": "string"
},
"page_size": {
"description": "Maximum number of results to return in this page (server may return fewer).",
"required": false,
"title": "Page Size for pagination",
"type": "integer"
},
"project": {
"description": "Specify Project ID for which alarms should be filtered.",
"required": false,
"title": "Project ID",
"type": "string"
},
"severity": {
"description": "Specify one or more severity levels for which alarms should be filtered. Must be one of CRITICAL, HIGH, MEDIUM, LOW.",
"required": false,
"title": "Severity",
"type": "string"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"required": false,
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_by": {
"description": "Sorting on column is based on the sort_by. sort_by represents the field in the output data on which sort is requested.",
"required": false,
"title": "Key for sorting on this column",
"type": "string"
},
"status": {
"description": "Specify one or more status for which alarms should be filtered. Must be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": false,
"title": "Status",
"type": "string"
},
"vpc": {
"description": "Specify VPC ID for which alarms should be filtered.",
"required": false,
"title": "VPC ID",
"type": "string"
}
},
"title": "Parameters to filter alarms",
"type": "object"
}
AlarmSourceType (type)
{
"enum": [
"INTENT_PATH",
"ENTITY_ID",
"SYSTEM_ID"
],
"id": "AlarmSourceType",
"module_id": "Monitoring",
"type": "string"
}
AlarmStatusParameter (type)
{
"id": "AlarmStatusParameter",
"module_id": "Monitoring",
"properties": {
"new_status": {
"$ref": "MonitoringStatus",
"description": "Specify new alarm status for the alarm. Can be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": true,
"title": "Status"
},
"suppress_duration": {
"description": "Specify duration in hours for which Alarm should be suppressed.This value must be specified if the new_status is SUPPRESSED.",
"title": "Duration in hours for which Alarm should be suppressed",
"type": "integer"
}
},
"title": "Parameters to update status of alarm",
"type": "object"
}
AlarmsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AlarmsListResult",
"module_id": "Monitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Alarm"
},
"readonly": true,
"title": "List of alarms known to the system",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AlbControllerClusterRuntimeError (type)
{
"description": "Avi Load Balancer Controller cluster runtime error.",
"id": "AlbControllerClusterRuntimeError",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"error_code": {
"description": "Avi Load Balancer cluster runtime error code.",
"readonly": true,
"title": "Avi Load Balancer cluster runtime error code",
"type": "int"
},
"error_message": {
"description": "Avi Load Balancer cluster runtime error msg.",
"readonly": true,
"title": "Avi Load Balancer cluster runtime error msg",
"type": "string"
}
},
"title": "Avi Load Balancer Controller cluster runtime error",
"type": "object"
}
AlbControllerVsphereClusterNodeVmDeploymentConfig (type)
{
"description": "The vSphere deployment configuration determines where to deploy the Avi Load Balancer Controller node through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - management_port_subnets, and default_gateway_addresses",
"extends": {
"$ref": "ALBControllerNodeVMDeploymentConfig"
},
"id": "AlbControllerVsphereClusterNodeVmDeploymentConfig",
"module_id": "PolicyALBControllerDeployment",
"polymorphic-type-descriptor": {
"type-identifier": "AlbControllerVsphereClusterNodeVmDeploymentConfig"
},
"properties": {
"compute_id": {
"description": "The Avi Load Balancer Controller node will be deployed on the specified cluster or resourcepool for specified VC server.",
"required": true,
"title": "Cluster identifier or resourcepool identifier",
"type": "string"
},
"default_gateway_addresses": {
"description": "The default gateway for the Avi Load Balancer Controller node to be deployed must be specified if all the other nodes it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Default gateway for the Avi Load Balancer Controller node",
"type": "array"
},
"disk_provisioning": {
"$ref": "DiskProvisioning",
"default": "THIN",
"description": "Specifies the disk provisioning type of the Avi Load Balancer Controller node.",
"required": false,
"title": "Disk provitioning type"
},
"display_name": {
"description": "Desired display name for Avi Load Balancer Controller node to be deployed.",
"required": false,
"title": "Avi Load Balancer Controller node display name",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address"
},
"required": false,
"title": "DNS servers",
"type": "array"
},
"host_id": {
"description": "The Avi Load Balancer Controller node will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.",
"required": false,
"title": "Host identifier",
"type": "string"
},
"hostname": {
"description": "Desired host name/FQDN for the Avi Load Balancer Controller node to be deployed.",
"format": "hostname-or-ip",
"required": true,
"title": "Host name or FQDN for the Avi Load Balancer Controller node",
"type": "string"
},
"management_network_id": {
"description": "Distributed portgroup identifier to which the management vnic of Avi Load Balancer Controller node will be connected.",
"required": true,
"title": "Portgroup identifier for management network connectivity",
"type": "string"
},
"management_port_subnets": {
"description": "IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port.",
"items": {
"$ref": "IPSubnet"
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Port subnets for management port",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address"
},
"required": false,
"title": "NTP servers",
"type": "array"
},
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the Avi Load Balancer Controller node.",
"enum": [
"AlbControllerVsphereClusterNodeVmDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
},
"storage_id": {
"description": "The Avi Load Balancer Controller node will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.",
"required": true,
"title": "Storage/datastore identifier",
"type": "string"
},
"storage_policy_id": {
"description": "The Avi Controller cluster node will be deployed with the specified storage policy on the specified datastore in the specified VC server. User must ensure that the storage policy is applicable on the given datastore.",
"required": false,
"title": "Storage policy uuid",
"type": "string"
},
"vc_id": {
"description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.",
"required": true,
"title": "vSphere compute identifier for identifying VC server",
"type": "string"
}
},
"title": "Deployment config on the vSphere platform",
"type": "object"
}
AllClusterGroupStatus (type)
{
"additionalProperties": false,
"description": "A list of the statuses of all the groups in the cluster.",
"id": "AllClusterGroupStatus",
"module_id": "Cluster",
"properties": {
"cluster_id": {
"readonly": true,
"title": "UUID of the cluster",
"type": "string"
},
"groups": {
"items": {
"$ref": "ClusterGroupStatus"
},
"readonly": true,
"title": "Array of groups and their statuses",
"type": "array"
},
"overall_status": {
"enum": [
"STABLE",
"DEGRADED",
"UNAVAILABLE"
],
"readonly": true,
"title": "Overall status of the cluster",
"type": "string"
}
},
"title": "Status of all the cluster groups",
"type": "object"
}
AllIdsEventsRequestQueryParameters (type)
{
"description": "Represents the query parameters, such as the tenancy context, that the ids-events API accepts.",
"id": "AllIdsEventsRequestQueryParameters",
"module_id": "PolicyIDSMetrics",
"properties": {
"context": {
"$ref": "TenancyContextQueryParameter"
},
"enforcement_point_path": {
"$ref": "EnforcementPointPathQueryParameter"
}
},
"title": "Query parameters passed to the ids-events API",
"type": "object"
}
AllocatedByVpc (type)
{
"additionalProperties": false,
"id": "AllocatedByVpc",
"module_id": "PolicyVpcStatistics",
"properties": {
"access_mode": {
"readonly": true,
"title": "Access mode of VPC subnet",
"type": "string"
},
"count": {
"readonly": true,
"title": "Count of used resources by VPC on IP block",
"type": "integer"
},
"ip_addresses": {
"items": {
"$ref": "VpcIpAddress"
},
"readonly": true,
"type": "array"
},
"percentage_used": {
"readonly": true,
"title": "Percentage of used IP address resources by VPC",
"type": "string"
}
},
"title": "Allocated Resources on IP Block by VPC",
"type": "object"
}
AllocatedService (type)
{
"additionalProperties": false,
"id": "AllocatedService",
"module_id": "EdgeClusters",
"properties": {
"allocation_details": {
"description": "Additional properties of a service, say the sub_pool_size and sub_pool_type for a LoadBalancer.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"title": "Key-Value map of additional specific properties of services",
"type": "array"
},
"high_availability_status": {
"description": "Represents the active or the standby state of the service.",
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN"
],
"readonly": true,
"title": "HA Status of the service context node",
"type": "string"
},
"service_reference": {
"$ref": "ResourceReference",
"readonly": true,
"required": true,
"title": "Id and Name of the service context configured on edge node."
}
},
"type": "object"
}
AllocationAction (type)
{
"additionalProperties": false,
"id": "AllocationAction",
"module_id": "Ipam",
"properties": {
"action": {
"enum": [
"ALLOCATE",
"RELEASE"
],
"readonly": false,
"required": true,
"title": "Specifies allocate or release action",
"type": "string"
}
},
"type": "object"
}
AllocationBasedOnFailureDomain (type)
{
"additionalProperties": false,
"description": "Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge nodes (active and standby) from different failure domains.",
"extends": {
"$ref": "AllocationRuleAction"
},
"id": "AllocationBasedOnFailureDomain",
"module_id": "EdgeClusters",
"polymorphic-type-descriptor": {
"type-identifier": "AllocationBasedOnFailureDomain"
},
"properties": {
"action_type": {
"$ref": "AllocationRuleActionType",
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"required": true,
"title": "Type of action for allocation rule"
},
"enabled": {
"default": false,
"description": "Enable placement algorithm to consider failure domain of edge transport nodes and place active and standby contexts in different failure domains.",
"required": false,
"title": "Flag to enable failure domain based allocation",
"type": "boolean"
}
},
"title": "Placement based on failure domain of edge node",
"type": "object"
}
AllocationIpAddress (type)
{
"additionalProperties": false,
"description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.",
"extends": {
"$ref": "ManagedResource"
},
"id": "AllocationIpAddress",
"module_id": "Ipam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_id": {
"$ref": "IPAddress",
"readonly": true,
"title": "Address that is allocated from pool"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AllocationIpAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AllocationIpAddressListResult",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AllocationIpAddress"
},
"required": true,
"title": "Pool allocation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AllocationPool (type)
{
"additionalProperties": false,
"id": "AllocationPool",
"module_id": "EdgeClusters",
"properties": {
"active_service_count": {
"description": "Represents the number of acitve services running on the edge node.",
"readonly": true,
"title": "Number of active services on edge node",
"type": "int"
},
"standby_service_count": {
"description": "Represents the number of standby services running on the edge node.",
"readonly": true,
"title": "Number of standby services on edge node",
"type": "int"
},
"sub_pools": {
"description": "Allocation details of sub-pools configured on edge node.",
"items": {
"$ref": "SubPool"
},
"title": "Edge node sub-pool allocation details",
"type": "array"
}
},
"type": "object"
}
AllocationPoolType (type)
{
"additionalProperties": false,
"enum": [
"LoadBalancerAllocationPool"
],
"id": "AllocationPoolType",
"module_id": "LogicalRouter",
"title": "Types of logical router allocation pool based on services",
"type": "string"
}
AllocationRule (type)
{
"additionalProperties": false,
"description": "Allocation rule on edge cluster which will be considered in auto placement of TIER1 logical routers, DHCP and MDProxy.",
"id": "AllocationRule",
"module_id": "EdgeClusters",
"properties": {
"action": {
"$ref": "AllocationRuleAction",
"description": "Set action for each allocation rule",
"required": true,
"title": "Action for allocation rule"
}
},
"title": "Allocation rule on edge cluster",
"type": "object"
}
AllocationRuleAction (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Define action for each allocation rule which added on edge cluster.",
"id": "AllocationRuleAction",
"module_id": "EdgeClusters",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "action_type"
},
"properties": {
"action_type": {
"$ref": "AllocationRuleActionType",
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"required": true,
"title": "Type of action for allocation rule"
}
},
"title": "Set action for allocation rule",
"type": "object"
}
AllocationRuleActionType (type)
{
"additionalProperties": false,
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"enum": [
"AllocationBasedOnFailureDomain"
],
"id": "AllocationRuleActionType",
"module_id": "EdgeClusters",
"title": "Type of action for allocation rule",
"type": "string"
}
AnalyticsMaintenanceMode (type)
{
"description": "Set Analytics agents to maintenance mode during cluster changes.",
"id": "AnalyticsMaintenanceMode",
"module_id": "AnalyticsAgent",
"properties": {
"agent_error_message": {
"description": "string describing the error",
"readonly": false,
"required": false,
"title": "Error if site cannot be found in Corfu",
"type": "string"
},
"enable": {
"description": "Activate/deactivate maintenance mode",
"readonly": false,
"required": true,
"title": "Boolean switch to activate/deactivate the AnalyticsAgent's maintenance mode",
"type": "boolean"
}
},
"title": "NSX+ Analytics Agent Maintenance Mode",
"type": "object"
}
AntreaAdapterStatus (type)
{
"additionalProperties": false,
"id": "AntreaAdapterStatus",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"conditions": {
"description": "Collection of adapter conditions.",
"items": {
"$ref": "ComponentConditionItem"
},
"readonly": true,
"title": "Adapter conditions",
"type": "array"
},
"status": {
"$ref": "ComponentStatus",
"description": "Indicate overall healthy status.",
"readonly": true,
"title": "Antrea adapter status"
}
},
"title": "Antrea adapter status",
"type": "object"
}
AntreaAgentsInfo (type)
{
"additionalProperties": false,
"id": "AntreaAgentsInfo",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"degraded_agent_num": {
"readonly": true,
"title": "The number of degraded agents",
"type": "int"
},
"failed_agent_num": {
"readonly": true,
"title": "The number of failed agents",
"type": "int"
},
"healthy_agent_num": {
"readonly": true,
"title": "The number of healthy agents",
"type": "int"
}
},
"title": "Antrea agents information",
"type": "object"
}
AntreaClusterInfo (type)
{
"additionalProperties": false,
"description": "Antrea cluster status info.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "AntreaClusterInfo",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"agent_info": {
"$ref": "AntreaAgentsInfo",
"readonly": true,
"title": "Antrea agent info"
},
"ccp_adapter_status": {
"$ref": "AntreaAdapterStatus",
"description": "Including component status and CCP_ADAPTER_ prefix conditions status.",
"readonly": true,
"title": "Antrea CCP adapter status"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"controller_status": {
"$ref": "AntreaControllerStatus",
"description": "Including component status, connected agent and CONTROLLER_ prefix conditions status.",
"readonly": true,
"title": "Antrea Controller status"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mp_adapter_status": {
"$ref": "AntreaAdapterStatus",
"description": "Including component status and MP_ADAPTER_ prefix conditions status.",
"readonly": true,
"title": "Antrea MP adapter status"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "ComponentStatus",
"readonly": true,
"title": "Roll-up status of components"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea cluster info",
"type": "object"
}
AntreaClusterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "AntreaClusterListRequestParameters",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea cluster list request parameters",
"type": "object"
}
AntreaClusterListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Antrea Cluster list.",
"extends": {
"$ref": "ListResult"
},
"id": "AntreaClusterListResult",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaClusterInfo"
},
"required": true,
"title": "Antrea cluster list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea Cluster list",
"type": "object"
}
AntreaContainerClusterNode (type)
{
"id": "AntreaContainerClusterNode",
"properties": {
"cluster_id": {
"required": true,
"title": "The UUID of the container cluster",
"type": "string"
},
"nodes": {
"items": {
"type": "string"
},
"minItems": 1,
"title": "List of at most 200 container node UUIDs requiring a support bundle",
"type": "array"
}
},
"title": "Antrea container cluster and its nodes requiring a support bundle",
"type": "object"
}
AntreaControllerStatus (type)
{
"additionalProperties": false,
"description": "Antrea Controller status, including component status, connected agent and CONTROLLER_ prefix conditions status.",
"id": "AntreaControllerStatus",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"conditions": {
"description": "Collection of controller related conditions.",
"items": {
"$ref": "ComponentConditionItem"
},
"readonly": true,
"title": "Controller conditions",
"type": "array"
},
"connected_agent_num": {
"description": "If status is UNKNOWN, this number is meaningless.",
"readonly": true,
"title": "The number of connected agents",
"type": "int"
},
"status": {
"$ref": "ComponentStatus",
"description": "Indicate overall healthy status.",
"readonly": true,
"title": "Antrea Controller status"
}
},
"title": "Antrea Controller status",
"type": "object"
}
AntreaHeartbeatConfig (type)
{
"additionalProperties": false,
"description": "Antrea heartbeat configuration for interval time.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "AntreaHeartbeatConfig",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"report_interval": {
"default": 60,
"description": "If exceeding 3*report_interval, there is still no heartbeat, cluster status will be UNKNOWN.",
"maximum": 600,
"minimum": 60,
"required": true,
"title": "Report interval for Antrea heartbeat with NSX in seconds",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea heartbeat configuration",
"type": "object"
}
AntreaHeartbeatConfigListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Antrea Cluster heartbeat config.",
"extends": {
"$ref": "ListResult"
},
"id": "AntreaHeartbeatConfigListResult",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of Antrea cluster heartbeat config.",
"items": {
"$ref": "AntreaHeartbeatConfig"
},
"required": true,
"title": "Antrea cluster heartbeat config list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea Cluster heartbeat config list",
"type": "object"
}
AntreaSupportBundleContainerNode (type)
{
"additionalProperties": {},
"extends": {
"$ref": "SupportBundleContainerNode"
},
"id": "AntreaSupportBundleContainerNode",
"polymorphic-type-descriptor": {
"type-identifier": "ANTREA"
},
"properties": {
"clusters": {
"items": {
"$ref": "AntreaContainerClusterNode"
},
"minItems": 1,
"title": "List of AntreaContainerClusterNodes identifying container clusters and their nodes",
"type": "array"
},
"container_type": {
"enum": [
"ANTREA"
],
"required": true,
"title": "Support bundle container type",
"type": "string"
}
},
"type": "object"
}
AntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "The configuration for Antrea traceflow.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "AntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"container_cluster_id": {
"description": "Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T.",
"required": true,
"title": "Container cluster ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_external_id": {
"description": "Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data.",
"required": false,
"title": "Destination external id",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true.",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"packet": {
"$ref": "AntreaTraceflowPacketData",
"description": "Configuration of packet data.",
"required": false,
"title": "Packet configuration"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_external_id": {
"description": "Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id.",
"required": true,
"title": "Source external id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea traceflow configuration",
"type": "object"
}
AntreaTraceflowConfigListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection for AntreaTraceflowConfigs.",
"extends": {
"$ref": "ListResult"
},
"id": "AntreaTraceflowConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaTraceflowConfig"
},
"required": true,
"title": "AntreaTraceflowConfig list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AntreaTraceflowConfigs",
"type": "object"
}
AntreaTraceflowIcmpEchoRequestHeader (type)
{
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIcmpEchoRequestHeader",
"module_id": "PolicyConnectivity",
"properties": {
"id": {
"description": "Id of IcmpEchoRequest.",
"title": "IcmpEchoRequest id",
"type": "integer"
},
"sequence": {
"description": "Sequence number of IcmpEchoRequest.",
"title": "Icmp sequence",
"type": "integer"
}
},
"title": "IcmpEchoHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpHeader (type)
{
"description": "Ip header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in IpHeader.",
"title": "Destination ip",
"type": "string"
},
"flags": {
"description": "Protocol setting in IpHeader.",
"title": "Flags",
"type": "integer"
},
"protocol": {
"description": "Protocol setting in IpHeader.",
"title": "Protocol",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in IpHeader.",
"title": "Source ip",
"type": "string"
},
"ttl": {
"description": "TTL value in IpHeader. Default is 64.",
"title": "Time to live",
"type": "integer"
}
},
"title": "IpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpv6Header (type)
{
"description": "Ipv6 header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpv6Header",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in Ipv6Header.",
"title": "Destination ip",
"type": "string"
},
"hopLimit": {
"description": "Hop limit setting in Ipv6Header.",
"title": "Hop limit",
"type": "integer"
},
"nextHeader": {
"description": "Next header setting in Ipv6Header.",
"title": "Next header",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in Ipv6Header.",
"title": "Source ip",
"type": "string"
}
},
"title": "Ipv6Header for Antrea traceflow",
"type": "object"
}
AntreaTraceflowObservation (type)
{
"additionalProperties": false,
"description": "Observation result for Antrea traceflow.",
"id": "AntreaTraceflowObservation",
"module_id": "PolicyConnectivity",
"properties": {
"component_type": {
"description": "The type of component.",
"enum": [
"UNKNOWN",
"ANTREA_SPOOFGUARD",
"ANTREA_LB",
"ANTREA_ROUTING",
"ANTREA_DFW",
"ANTREA_FORWARDING"
],
"readonly": true,
"required": false,
"title": "The component type",
"type": "string"
},
"container_node_id": {
"description": "UID of the container node that observed a traceflow packet.",
"readonly": true,
"required": false,
"title": "Container node UID",
"type": "string"
},
"observation_type": {
"description": "The type of observation. AntreaTraceflowObservationDelivered: The packet was delivered to destination Pod properly AntreaTraceflowObservationReceived: The packet was received from another ContainerNode AntreaTraceflowObservationForwarded: The packet was forwarded to next logical node or ContainerNode AntreaTraceflowObservationDropped: The packet was dropped",
"enum": [
"AntreaTraceflowObservationDelivered",
"AntreaTraceflowObservationReceived",
"AntreaTraceflowObservationForwarded",
"AntreaTraceflowObservationDropped"
],
"required": true,
"title": "The observation type",
"type": "string"
},
"timestamp": {
"description": "Timestamp when the observation was collect by Antrea controller.",
"readonly": true,
"required": false,
"title": "Timestamp",
"type": "integer"
}
},
"title": "Observation for Antrea traceflow",
"type": "object"
}
AntreaTraceflowObservationListResult (type)
{
"additionalProperties": false,
"description": "List collection for AnteaTraceflowObservation, used in batch API.",
"extends": {
"$ref": "ListResult"
},
"id": "AntreaTraceflowObservationListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaTraceflowObservation"
},
"required": false,
"title": "AntreaTraceflowObservation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List object for AnteaTraceflowObservation",
"type": "object"
}
AntreaTraceflowPacketData (type)
{
"description": "Packet data stuffs for Antrea traceflow.",
"id": "AntreaTraceflowPacketData",
"module_id": "PolicyConnectivity",
"properties": {
"frameSize": {
"description": "This property is used to set packet data size.",
"title": "Packet frame size",
"type": "integer"
},
"ipHeader": {
"$ref": "AntreaTraceflowIpHeader",
"description": "This property is used to set ipv4 header data.",
"title": "Ipv4 header configuration"
},
"ipv6Header": {
"$ref": "AntreaTraceflowIpv6Header",
"description": "This property is used to set ipv6 header data.",
"title": "Ipv6 header configuration"
},
"payload": {
"description": "This property is used to set payload data.",
"title": "Packet payload",
"type": "string"
},
"resourceType": {
"description": "This property is used to set resource type.",
"enum": [
"FIELDS_PACKET_DATA",
"BINARY_PACKET_DATA"
],
"title": "Packet resource type",
"type": "string"
},
"transportHeader": {
"$ref": "AntreaTraceflowTransportHeader",
"description": "This property is used to set transport header data.",
"title": "Transport header configuration"
},
"transportType": {
"description": "This property is used to set transport type.",
"enum": [
"UNICAST",
"MULTICAST",
"BROADCAST",
"UNKNOWN"
],
"title": "Transport type",
"type": "string"
}
},
"title": "Packet data for Antrea traceflow",
"type": "object"
}
AntreaTraceflowStatus (type)
{
"description": "The status value of one Antrea traceflow.",
"id": "AntreaTraceflowStatus",
"module_id": "PolicyConnectivity",
"properties": {
"phase": {
"description": "The execution phase of one traceflow.",
"enum": [
"SUCCEEDED",
"FAILED"
],
"title": "Phase",
"type": "string"
},
"reason": {
"description": "The reason for the failure.",
"title": "Reason",
"type": "string"
}
},
"title": "Status for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTcpHeader (type)
{
"description": "Tcp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTcpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in TcpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in TcpHeader.",
"title": "Source port",
"type": "integer"
},
"tcpFlags": {
"description": "Tcp flags in TcpHeader. SYN flag must be set for traceflow.",
"title": "Tcp flags",
"type": "integer"
}
},
"title": "TcpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTransportHeader (type)
{
"description": "Transport header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTransportHeader",
"module_id": "PolicyConnectivity",
"properties": {
"icmpEchoRequestHeader": {
"$ref": "AntreaTraceflowIcmpEchoRequestHeader",
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"title": "IcmpEchoRequestHeader for Antrea traceflow"
},
"tcpHeader": {
"$ref": "AntreaTraceflowTcpHeader",
"description": "Tcp header stuffs for Antrea traceflow.",
"title": "TcpHeader for Antrea traceflow"
},
"udpHeader": {
"$ref": "AntreaTraceflowUdpHeader",
"description": "Udp header stuffs for Antrea traceflow.",
"title": "UdpHeader for Antrea traceflow"
}
},
"title": "TransportHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowUdpHeader (type)
{
"description": "Udp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowUdpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in UdpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in UdpHeader.",
"title": "Source port",
"type": "integer"
}
},
"title": "UdpHeader for Antrea traceflow",
"type": "object"
}
AphInfo (type)
{
"additionalProperties": false,
"description": "APH information.",
"id": "AphInfo",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"required": true,
"title": "IP address of APH service",
"type": "string"
},
"certificate": {
"required": true,
"title": "PEM Certificate of APH service",
"type": "string"
},
"fqdn": {
"required": false,
"title": "FQDN, only returned by GET /sites and GET /sites/self",
"type": "string"
},
"node_id": {
"required": true,
"title": "Node ID of the APH service",
"type": "string"
},
"port": {
"required": true,
"title": "Port of APH service",
"type": "integer"
},
"use_fqdn": {
"required": false,
"title": "whether or not fqdn flag is on",
"type": "boolean"
},
"uuid": {
"required": true,
"title": "ID of the APH service",
"type": "string"
}
},
"title": "Apliance proxy hub information",
"type": "object"
}
ApiError (type)
{
"extends": {
"$ref": "RelatedApiError"
},
"id": "ApiError",
"module_id": "Common",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
},
"related_errors": {
"items": {
"$ref": "RelatedApiError"
},
"title": "Other errors related to this error",
"type": "array"
}
},
"title": "Detailed information about an API Error",
"type": "object"
}
ApiRequestBody (type)
{
"additionalProperties": false,
"description": "API Request Body is an Event Source that represents an API request body that is being reveived as part of an API. Supported Request Bodies are those received as part of a PATCH/PUT/POST request.",
"extends": {
"$ref": "Source"
},
"id": "ApiRequestBody",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ApiRequestBody"
},
"properties": {
"resource_pointer": {
"description": "Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.",
"required": true,
"title": "Resource Pointer",
"type": "string"
},
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "API Request Body",
"type": "object"
}
ApiServiceConfig (type)
{
"additionalProperties": false,
"description": "Properties that affect the configuration of the NSX API service.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ApiServiceConfig",
"module_id": "ApiServiceConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"basic_authentication_enabled": {
"default": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"cipher_suites": {
"description": "The TLS cipher suites that the API service will negotiate.",
"items": {
"$ref": "CipherSuite"
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"description": "A per-client concurrency limit. This is the maximum number of outstanding requests that a client can have. For example, a client can open multiple connections to NSX and submit operations on each connection. When this limit is exceeded, the server returns a 503 Service Unavailable error to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API concurrency limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"default": 30,
"description": "NSX connection timeout, in seconds. To disable timeout, set to 0.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_api_concurrency_limit": {
"default": 199,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API concurrency limit in calls",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lockout_immune_addresses": {
"description": "The list of IP addresses which are not subjected to a lockout on failed login attempts.",
"items": {
"$ref": "IPAddress"
},
"title": "IP addresses which are not subject to lockout on failed login attempts",
"type": "array"
},
"protocol_versions": {
"description": "The TLS protocol versions that the API service will negotiate.",
"items": {
"$ref": "ProtocolVersion"
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString",
"default": "",
"description": "Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (\"\").",
"title": "Hostname/IP to use in redirect headers"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_timeout": {
"default": 1800,
"descriptions": "Sessions inactive for more than this value are terminated. The value is given in seconds. Set to 0 to disable timeouts.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Configuration of the API service",
"type": "object"
}
ApplianceLatencyData (type)
{
"extends": {
"$ref": "Resource"
},
"id": "ApplianceLatencyData",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"id": {
"description": "Display the Appliance id.",
"title": "Appliance id",
"type": "string"
},
"latency_data": {
"description": "Latency Data list.",
"items": {
"$ref": "ApplianceLatencyDataItem"
},
"title": "Latency Data List",
"type": "array"
},
"name": {
"description": "Display the appliance name.",
"title": "Appliance name",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp of last modification.",
"title": "Timestamp of last modification"
}
},
"title": "Display the latency data by given appliance node",
"type": "object"
}
ApplianceLatencyDataItem (type)
{
"description": "Describes appliance latency data in detail.",
"id": "ApplianceLatencyDataItem",
"module_id": "ShaApplianceMonitor",
"properties": {
"destination_node_id": {
"description": "Display the appliance node id.",
"title": "Node id",
"type": "string"
},
"destination_node_ip": {
"description": "Display the appliance node ip.",
"title": "Node name",
"type": "string"
},
"destination_node_name": {
"description": "Display the appliance node name.",
"title": "Node name",
"type": "string"
},
"packet_loss_percent": {
"description": "Display the percentage of lost packet.",
"title": "Display the percentage of lost packet",
"type": "string"
},
"packet_received": {
"description": "Display the received packets.",
"title": "Display the received packets",
"type": "integer"
},
"packet_transmitted": {
"description": "Display the transmitted packets in Ping",
"title": "Display the transmitted packets",
"type": "integer"
},
"rtt_avg": {
"description": "Display the average Round Trip Time in milliseconds.",
"title": "Display the average rtt of latency value",
"type": "number"
},
"rtt_max": {
"description": "Display the max Round Trip Time in milliseconds.",
"title": "Display the max rtt of latency value",
"type": "number"
},
"rtt_mdev": {
"description": "Display the mean Round Trip Time in milliseconds.",
"title": "Display the mean rtt of latency value",
"type": "number"
},
"rtt_min": {
"description": "Display the min Round Trip Time in milliseconds.",
"title": "Display the min rtt of latency value",
"type": "number"
},
"source_node_ip": {
"description": "Display the appliance node ip.",
"title": "Node name",
"type": "string"
},
"status": {
"description": "Display the connection status between source node and destination node.",
"enum": [
"UP",
"DOWN"
],
"title": "Display the connection status",
"type": "string"
},
"total_time": {
"description": "Display the total time of sending and receiving packets in milliseconds.",
"title": "Display the total time in milliseconds",
"type": "integer"
}
},
"title": "Appliance Latency data",
"type": "object"
}
ApplianceLatencyListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "ApplianceLatencyListResult",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total appliance latency count",
"type": "integer"
},
"results": {
"description": "Display the appliance latency data list.",
"items": {
"$ref": "ApplianceLatencyData"
},
"title": "Appliance Process List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of process data",
"type": "object"
}
ApplianceManagementSuppressRedirectQueryParameter (type)
{
"additionalProperties": false,
"id": "ApplianceManagementSuppressRedirectQueryParameter",
"properties": {
"suppress_redirect": {
"default": false,
"description": "Do not return a redirect HTTP status.",
"title": "Suppress redirect status if applicable",
"type": "boolean"
}
},
"type": "object"
}
ApplianceManagementTaskListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ApplianceManagementTaskListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ApplianceManagementTaskProperties"
},
"required": true,
"title": "Task property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Appliance management task query results",
"type": "object"
}
ApplianceManagementTaskProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "ApplianceManagementTaskProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"details": {
"readonly": true,
"title": "Details about the task if known",
"type": "object"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"id": {
"pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_is_async": {
"readonly": true,
"title": "True if request was invoked with Vmw-Async:true header; otherwise, false",
"type": "boolean"
},
"request_method": {
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "ApplianceManagementTaskStatus",
"readonly": true,
"title": "Current status of the task"
},
"user": {
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Appliance management task properties",
"type": "object"
}
ApplianceManagementTaskQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResultQueryParameters"
},
"id": "ApplianceManagementTaskQueryParameters",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"request_method": {
"description": "Comma-separated request methods to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request method(s) to include in query result",
"type": "string"
},
"request_path": {
"description": "Comma-separated request paths to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI path(s) to include in query result",
"type": "string"
},
"request_uri": {
"description": "Comma-separated request URIs to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI(s) to include in query result",
"type": "string"
},
"status": {
"description": "Comma-separated status values to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Status(es) to include in query result",
"type": "string"
},
"user": {
"description": "Comma-separated user names to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Names of users to include in query result",
"type": "string"
}
},
"type": "object"
}
ApplianceManagementTaskStatus (type)
{
"enum": [
"running",
"error",
"success",
"canceling",
"canceled",
"killed"
],
"id": "ApplianceManagementTaskStatus",
"title": "Current status of the appliance management task",
"type": "string"
}
ApplianceProcessData (type)
{
"extends": {
"$ref": "Resource"
},
"id": "ApplianceProcessData",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"id": {
"description": "Display the Appliance id.",
"title": "Appliance id",
"type": "string"
},
"name": {
"description": "Display the appliance name.",
"title": "Appliance name",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp of last modification.",
"title": "Timestamp of last modification"
},
"top_process_by_cpu_count": {
"description": "Display the total count of process.",
"title": "Process count",
"type": "integer"
},
"top_process_by_cpu_list": {
"description": "Display the top process list by CPU.",
"items": {
"$ref": "ProcessInformation"
},
"title": "Top process list by CPU",
"type": "array"
},
"top_process_by_mem_count": {
"description": "Display the total count of process.",
"title": "Process count",
"type": "integer"
},
"top_process_by_mem_list": {
"description": "Display the top process list by memory.",
"items": {
"$ref": "ProcessInformation"
},
"title": "Top process list by memory",
"type": "array"
}
},
"title": "List of process data in given appliance node",
"type": "object"
}
ApplianceProcessListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "ApplianceProcessListResult",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Display the appliance process list.",
"items": {
"$ref": "ApplianceProcessData"
},
"title": "Appliance Process List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of process data",
"type": "object"
}
ApplicationConnectivityStrategy (type)
{
"additionalProperties": false,
"description": "Allows more granular policies for application workloads",
"id": "ApplicationConnectivityStrategy",
"module_id": "Policy",
"properties": {
"application_connectivity_strategy": {
"description": "App connectivity strategies",
"enum": [
"ALLOW_INTRA",
"ALLOW_EGRESS",
"ALLOW_INGRESS",
"DROP_INGRESS",
"DROP_EGRESS"
],
"required": true,
"title": "Application connectivity strategy",
"type": "string"
},
"default_application_rule_id": {
"description": "Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule.",
"readonly": true,
"required": false,
"title": "Default rule ID associated with the application_connectivity_strategy",
"type": "integer"
},
"logging_enabled": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
}
},
"title": "Application specific connectivity strategy",
"type": "object"
}
ApplicationProfileType (type)
{
"additionalProperties": false,
"description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile. LbFastTCPProfile or LbFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LbHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LbHttpProfile is intended to simplify enabling certain common use cases.",
"enum": [
"LbHttpProfile",
"LbFastTcpProfile",
"LbFastUdpProfile"
],
"id": "ApplicationProfileType",
"module_id": "LoadBalancer",
"title": "application profile type",
"type": "string"
}
AppliedTos (type)
{
"description": "Entity lists where the profile will be enabled on.",
"id": "AppliedTos",
"module_id": "UpmCommon",
"properties": {
"logical_ports": {
"items": {
"$ref": "ResourceReference"
},
"readonly": false,
"required": false,
"title": "Logical Port List",
"type": "array"
},
"logical_switches": {
"items": {
"$ref": "ResourceReference"
},
"readonly": false,
"required": false,
"title": "Logical Switch List",
"type": "array"
},
"nsgroups": {
"items": {
"$ref": "ResourceReference"
},
"nsx_feature": "UnifiedProfileManagementSupportNSGroup",
"readonly": false,
"required": false,
"title": "NSGroup List",
"type": "array"
}
},
"title": "Entities Applied to Profile",
"type": "object"
}
ApplyCertificateParameters (type)
{
"additionalProperties": false,
"id": "ApplyCertificateParameters",
"module_id": "CertificateManager",
"properties": {
"node_id": {
"description": "Optional node-id to which to apply the certificate. The cluster_certificate field of the matching Certificate Profile must be false, as those get applied to all nodes.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType",
"description": "Service Type of the CertificateProfile to apply the certificate to.",
"required": true,
"title": "Service Type"
}
},
"type": "object"
}
ArpHeader (type)
{
"additionalProperties": false,
"id": "ArpHeader",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv4Address",
"required": true,
"title": "The destination IP address"
},
"op_code": {
"default": "ARP_REQUEST",
"description": "This field specifies the nature of the Arp message being sent.",
"enum": [
"ARP_REQUEST",
"ARP_REPLY"
],
"required": true,
"title": "Arp message type",
"type": "string"
},
"src_ip": {
"$ref": "IPv4Address",
"description": "This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0.",
"required": false,
"title": "The source IP address"
}
},
"type": "object"
}
ArpSnoopingConfig (type)
{
"additionalProperties": false,
"description": "Contains ARP snooping related configuration.",
"id": "ArpSnoopingConfig",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_binding_limit": {
"default": 1,
"description": "Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Maximum number of ARP bindings",
"type": "int"
},
"arp_snooping_enabled": {
"default": true,
"description": "Indicates whether ARP snooping is enabled",
"required": false,
"title": "Is ARP snooping enabled or not",
"type": "boolean"
}
},
"title": "ARP Snooping Configuration",
"type": "object"
}
ArpTableRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseEdgeStatisticsRequestParameters"
},
"id": "ArpTableRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
AssessmentMessage (type)
{
"additionalProperties": false,
"description": "Assessment message.",
"extends": {
"$ref": "ColoredMessage"
},
"id": "AssessmentMessage",
"module_id": "OverlayAdoption",
"properties": {
"color": {
"$ref": "ColorCode",
"default": "YELLOW",
"description": "The message color that shows the message's severity or priority.",
"readonly": true,
"required": false,
"title": "The message color that shows the message's severity or priority"
},
"message": {
"description": "A string message.",
"readonly": true,
"required": false,
"title": "A string message",
"type": "string"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": true,
"required": true,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": true,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType",
"description": "Assessment resource type.",
"readonly": true,
"required": true,
"title": "Assessment resource type"
}
},
"title": "Assessment message",
"type": "object"
}
AssessmentMessageListRequestParameters (type)
{
"description": "Assessment message list request parameters.",
"id": "AssessmentMessageListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"message_severity": {
"$ref": "ColorCode",
"description": "Assessment message severity.",
"readonly": false,
"required": false,
"title": "Assessment message severity"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": false,
"required": false,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": false,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType",
"description": "Assessment resource type.",
"readonly": false,
"required": false,
"title": "Assessment resource type"
}
},
"title": "Assessment message list request parameters",
"type": "object"
}
AssessmentMessageListResult (type)
{
"additionalProperties": false,
"description": "List of assessment messages.",
"extends": {
"$ref": "ListResult"
},
"id": "AssessmentMessageListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of assessment messages.",
"items": {
"$ref": "AssessmentMessage"
},
"readonly": true,
"required": true,
"title": "Paged collection of assessment messages",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"total_number_of_errors": {
"description": "Number of errors.",
"readonly": true,
"required": false,
"title": "Number of errors",
"type": "int"
},
"total_number_of_warnings": {
"description": "Number of warnings.",
"readonly": true,
"required": false,
"title": "Number of warnings",
"type": "int"
}
},
"title": "List of assessment messages",
"type": "object"
}
AssessmentResourceType (type)
{
"description": "Assessment resource type.",
"enum": [
"VC",
"DVPG",
"VDS"
],
"id": "AssessmentResourceType",
"module_id": "OverlayAdoption",
"title": "Assessment resource type",
"type": "string"
}
AssessmentUnit (type)
{
"description": "Detailed assessment information about a resource",
"id": "AssessmentUnit",
"module_id": "OverlayAdoption",
"properties": {
"number_of_errors": {
"description": "Number of errors.",
"readonly": true,
"required": false,
"title": "Number of errors",
"type": "int"
},
"number_of_warnings": {
"description": "Number of warnings.",
"readonly": true,
"required": false,
"title": "Number of warnings",
"type": "int"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": true,
"required": true,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": true,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType",
"description": "Assessment resource type.",
"readonly": true,
"required": true,
"title": "Assessment resource type"
},
"result": {
"$ref": "ColorCode",
"description": "Assessment result for the resource.",
"readonly": true,
"required": false,
"title": "Assessment result for the resource"
}
},
"title": "Assessment unit",
"type": "object"
}
AssessmentUnitListRequestParameters (type)
{
"description": "Assessment unit list request parameters.",
"id": "AssessmentUnitListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode",
"description": "Assessment result for the resource.",
"readonly": false,
"required": false,
"title": "Assessment result for the resource"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": false,
"required": false,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": false,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType",
"description": "Assessment resource type.",
"readonly": false,
"required": false,
"title": "Assessment resource type"
}
},
"title": "Assessment unit list request parameters",
"type": "object"
}
AssessmentUnitListResult (type)
{
"additionalProperties": false,
"description": "Detailed assessment information about multiple resources",
"extends": {
"$ref": "ListResult"
},
"id": "AssessmentUnitListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of assessment units.",
"items": {
"$ref": "AssessmentUnit"
},
"readonly": true,
"required": true,
"title": "Paged collection of assessment units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Assessment unit list",
"type": "object"
}
AssignedByAutoConf (type)
{
"description": "This type can be specified in ipv6 assignment spec of host switch if auto-conf based IPv6 assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "Ipv6AssignmentSpec"
},
"id": "AssignedByAutoConf",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByAutoConf"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "Auto-conf based IPv6 assignment.",
"type": "object"
}
AssignedByDhcp (type) (Deprecated)
{
"deprecated": true,
"description": "This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "IpAssignmentSpec"
},
"id": "AssignedByDhcp",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByDhcp"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4",
"FromEsxiVmknic"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IP assignment.",
"type": "object"
}
AssignedByDhcpv6 (type)
{
"description": "This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "Ipv6AssignmentSpec"
},
"id": "AssignedByDhcpv6",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByDhcpv6"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IPv6 assignment.",
"type": "object"
}
AssociatedKubernetesClusterListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the api that get associated clusters of a given group.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "AssociatedKubernetesClusterListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Associated kubernetes clusters list request params",
"type": "object"
}
AssociationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "AssociationListRequestParameters",
"module_id": "Association",
"properties": {
"associated_resource_type": {
"$ref": "AssociationTargetType",
"required": true,
"title": "Type of the associated resources"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"fetch_ancestors": {
"default": false,
"description": "If set to true, will fetch direct as well as indirect(considering containment as well as nesting) associated objects for the given source Id.",
"required": false,
"title": "Fetch complete list of associated resources considering\ncontainment and nesting\n",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_id": {
"required": true,
"title": "The resource for which associated resources are to be fetched",
"type": "string"
},
"resource_type": {
"$ref": "AssociationSourceType",
"required": true,
"title": "Type of the resource for which associated resources are to be fetched"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Association list request parameters",
"type": "object"
}
AssociationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AssociationListResult",
"module_id": "Association",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ResourceReference"
},
"required": true,
"title": "Paged Collection of ResourceReference",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AssociationSourceType (type)
{
"enum": [
"NSGroup",
"IPSet",
"MACSet",
"LogicalSwitch",
"LogicalPort",
"VirtualMachine",
"DirectoryGroup",
"VirtualNetworkInterface",
"TransportNode",
"IPAddress",
"CloudNativeServiceInstance",
"PhysicalServer"
],
"id": "AssociationSourceType",
"module_id": "Association",
"title": "Resource type valid for use as source in association API",
"type": "string"
}
AssociationTargetType (type)
{
"enum": [
"NSGroup"
],
"id": "AssociationTargetType",
"module_id": "Association",
"title": "Resource type valid for use as target in association API",
"type": "string"
}
AsyncOperationStatus (type)
{
"description": "Status of asynchronous VCF licenses query operation.",
"id": "AsyncOperationStatus",
"module_id": "VCSync",
"nsx_feature": "RejectLegacyLicenses",
"properties": {
"message": {
"description": "The detailed description of operation status. For example, for Running status, message is: Operation is running. for Failed status, message is: Failed to query the entitlement from vCenter vc_1, vc_2.",
"title": "The detailed description of operation status.",
"type": "string"
},
"operation_end_time": {
"$ref": "EpochMsTimestamp",
"description": "Operation end time.",
"title": "Operation end time"
},
"operation_start_time": {
"$ref": "EpochMsTimestamp",
"description": "Operation start time.",
"title": "Operation start time"
},
"status": {
"description": "Operation status. RUNNING means the operation is running. SUCCESS means the entitlement query from all vCenters succeeded. PARTIAL_SUCCESS means the entitlement query from some vCenters succeeded, and the entitlement query from other vCenters failed. FAILED means the entitlement query from all vCenters failed.",
"enum": [
"RUNNING",
"SUCCESS",
"PARTIAL_SUCCESS",
"FAILED"
],
"title": "Operation status",
"type": "string"
}
},
"title": "Status of asynchronous VCF licenses query operation",
"type": "object"
}
AttachedInterface (type) (Deprecated)
{
"deprecated": true,
"description": "The Attached interface is only effective for the port on Bare metal server.",
"id": "AttachedInterface",
"module_id": "LogicalPort",
"properties": {
"app_intf_name": {
"required": true,
"title": "The name of application interface",
"type": "string"
},
"default_gateway": {
"$ref": "IPAddress",
"required": false,
"title": "Gateway IP"
},
"migrate_intf": {
"description": "IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP.",
"required": false,
"title": "Interface name to migrate",
"type": "string"
},
"routing_table": {
"items": {
"type": "string"
},
"required": false,
"title": "Routing rules",
"type": "array"
}
},
"title": "Attached interface specification for Bare metal server",
"type": "object"
}
AttachmentContext (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"id": "AttachmentContext",
"module_id": "LogicalPort",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"allocate_addresses": {
"enum": [
"IpPool",
"MacPool",
"Both",
"None",
"Dhcp",
"DhcpV6",
"SLAAC"
],
"required": false,
"title": "A flag to indicate whether to allocate addresses from allocation\n pools bound to the parent logical switch.\n",
"type": "string"
},
"resource_type": {
"help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n",
"required": true,
"title": "Used to identify which concrete class it is",
"type": "string"
}
},
"type": "object"
}
AttachmentType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"VIF",
"LOGICALROUTER",
"BRIDGEENDPOINT",
"DHCP_SERVICE",
"METADATA_PROXY",
"L2VPN_SESSION",
"L2FORWARDER"
],
"id": "AttachmentType",
"module_id": "LogicalPort",
"title": "Type of attachment for logical port.",
"type": "string"
}
AttachmentTypeQueryString (type) (Deprecated)
{
"deprecated": true,
"enum": [
"VIF",
"LOGICALROUTER",
"BRIDGEENDPOINT",
"DHCP_SERVICE",
"METADATA_PROXY",
"L2VPN_SESSION",
"NONE"
],
"id": "AttachmentTypeQueryString",
"module_id": "LogicalPort",
"title": "Type of attachment for logical port; for query only.",
"type": "string"
}
Attribute (type)
{
"description": "Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.",
"id": "Attribute",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"attribute_type": {
"description": "Attribute Type can be of any of the allowed enum type.",
"enum": [
"IP_ADDRESS",
"PORT",
"PASSWORD",
"STRING",
"LONG",
"BOOLEAN"
],
"readonly": false,
"required": false,
"title": "Attributetype.",
"type": "string"
},
"display_name": {
"description": "Attribute display name string value.",
"readonly": false,
"required": false,
"title": "Display name",
"type": "string"
},
"key": {
"description": "Attribute key string value.",
"readonly": false,
"required": true,
"title": "key",
"type": "string"
},
"read_only": {
"default": false,
"description": "Read only Attribute cannot be overdidden by service instance/deployment.",
"readonly": false,
"required": false,
"title": "read only",
"type": "boolean"
},
"value": {
"description": "Attribute value string value.",
"readonly": false,
"required": false,
"title": "value",
"type": "string"
}
},
"title": "Attributes",
"type": "object"
}
AttributeVal (type)
{
"description": "Contains type specific properties of generic realized entity",
"id": "AttributeVal",
"module_id": "PolicyRealizedState",
"properties": {
"data_type": {
"description": "Datatype of the property",
"enum": [
"STRING",
"DATE",
"INTEGER",
"BOOLEAN"
],
"readonly": true,
"required": true,
"title": "Datatype of property represented by this attribute",
"type": "string"
},
"key": {
"description": "Attribute key",
"required": false,
"title": "Key for the attribute value",
"type": "string"
},
"multivalue": {
"description": "If attribute has a single value or collection of values",
"readonly": true,
"title": "multivalue flag",
"type": "boolean"
},
"values": {
"description": "List of attribute values",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of values for the attribute",
"type": "array"
}
},
"title": "Attribute values of realized type",
"type": "object"
}
AuditLog (type)
{
"additionalProperties": false,
"id": "AuditLog",
"properties": {
"appname": {
"required": true,
"title": "Application name field of the log",
"type": "string"
},
"facility": {
"required": true,
"title": "Facility field of the log",
"type": "integer"
},
"full_log": {
"required": true,
"title": "Full log with both header and message",
"type": "string"
},
"hostname": {
"required": true,
"title": "Hostname field of the log",
"type": "string"
},
"message": {
"required": true,
"title": "Message field of the log",
"type": "string"
},
"msgid": {
"required": true,
"title": "Message ID field of the log",
"type": "string"
},
"priority": {
"required": true,
"title": "Priority field of the log",
"type": "integer"
},
"procid": {
"required": true,
"title": "Process ID field of the log",
"type": "integer"
},
"struct_data": {
"$ref": "StructuredData",
"required": true,
"title": "Structured data field of the log"
},
"timestamp": {
"required": true,
"title": "Date and time in UTC of the log",
"type": "string"
}
},
"title": "Audit log in RFC5424 format",
"type": "object"
}
AuditLogListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "AuditLogListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_full_sync_timestamp": {
"required": true,
"title": "Timestamp of the last full audit log collection",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AuditLog"
},
"required": true,
"title": "Audit log results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Audit log collection results",
"type": "object"
}
AuditLogQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResultQueryParameters"
},
"id": "AuditLogQueryParameters",
"properties": {
"cursor": {
"description": "A log cursor points to a specific line number in the master audit log",
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "integer"
},
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"page_size": {
"default": 100,
"description": "The page size determines the number of logs to be returned",
"maximum": 100,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
}
},
"type": "object"
}
AuditLogRequest (type)
{
"additionalProperties": false,
"id": "AuditLogRequest",
"properties": {
"log_age_limit": {
"minimum": 0,
"title": "Include logs with timstamps not past the age limit in days",
"type": "integer"
},
"log_filter": {
"required": false,
"title": "Audit logs should meet the filter condition",
"type": "string"
},
"log_filter_type": {
"default": "TEXT",
"enum": [
"TEXT",
"REGEX"
],
"title": "Type of log filter",
"type": "string"
}
},
"type": "object"
}
AuthServiceProperties (type)
{
"id": "AuthServiceProperties",
"properties": {
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
}
},
"title": "Auth Service properties",
"type": "object"
}
AuthenticationPolicyProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PasswordComplexityProperties"
},
"id": "AuthenticationPolicyProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_retry_prompt": {
"default": 3,
"readonly": true,
"title": "Prompt user at most N times before returning with error.",
"type": "integer"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"api_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 9000,
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"api_failed_auth_reset_period": {
"default": 900,
"description": "In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 9000,
"minimum": 0,
"title": "Period, in seconds, for authentication failures to trigger lockout",
"type": "integer"
},
"api_max_auth_failures": {
"default": 5,
"description": "Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 50,
"minimum": 0,
"title": "Number of authentication failures that trigger API lockout",
"type": "integer"
},
"cli_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.",
"maximum": 604800,
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"cli_max_auth_failures": {
"default": 5,
"maximum": 10,
"minimum": 0,
"title": "Number of authentication failures that trigger CLI lockout",
"type": "integer"
},
"digits": {
"default": -1,
"description": "Number of digits (0..9) expected in user password. <p>N < 0, to set minimum credit for having digits in the new password, i.e. this is the minimum number of digits that must be met for a new password.</p> <p>N > 0, to set maximum credit for having digits in the new password, i.e. per occurrence of digit in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> digits.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 digit is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of digits in password",
"type": "integer"
},
"hash_algorithm": {
"default": "sha512",
"description": "Sets hash/cryptographic algorithm type for new passwords.",
"enum": [
"sha512",
"sha256"
],
"title": "Hash algorithm",
"type": "string"
},
"lower_chars": {
"default": -1,
"description": "Number of lower case characters (a..z) expected in user password. <p>N < 0, to set minimum credit for having lower case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having lower case characters in the new password, i.e. per occurrence of lower case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> lower case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 lower case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of lower-case characters in password",
"type": "integer"
},
"max_repeats": {
"default": 0,
"description": "Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of same consecutive characters",
"type": "integer"
},
"max_sequence": {
"default": 0,
"description": "Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Length of permissible monotonic sequence in password substring",
"type": "integer"
},
"maximum_password_length": {
"default": 128,
"description": "Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters.",
"maximum": 128,
"minimum": 8,
"title": "Maximum password length",
"type": "integer"
},
"minimum_password_length": {
"default": 12,
"description": "Minimum number of characters expected in password; user can not set their password of length less than this parameter.<br /> NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - <p>if existing appliance is configured with <code>minimum_password_length</code> less than current default value, then upgraded appliance will reset the configured setting back to recommended default; which can be explicitly modified back to original value or any other integer greater than or equal to supported minimum value.</p> <p>VMware recommends to set strong passwords for systems and appliances, further suggests to maintain strong <code>minimum_password_length</code> value. NSX resets this value to default and recommends to maintain upgraded default value or above for password complexity requirement.</p> <p>If any existing user passwords are set with length of less than newly configured <code>minimum_password_length</code>, then its recommended to reset the user passwords as per newly configured password complexity compliance.</p> <p>If existing <code>minimum_password_length</code> is greater than or equal to default value, which shall be retained as it is in newly upgraded appliance.</p> By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed.",
"maximum": 128,
"minimum": 8,
"title": "Minimum password length",
"type": "integer"
},
"minimum_unique_chars": {
"default": 0,
"description": "Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of unique characters from old password",
"type": "integer"
},
"password_remembrance": {
"default": 0,
"description": "Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0.",
"minimum": 0,
"title": "Password remembrance from previous generations",
"type": "integer"
},
"special_chars": {
"default": -1,
"description": "Number of special characters (!@#$&*..) expected in user password. <p>N < 0, to set minimum credit for having special characters in the new password, i.e. this is the minimum number of special characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having special characters in the new password, i.e. per occurrence of special case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> special case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 special character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of special characters in password",
"type": "integer"
},
"upper_chars": {
"default": -1,
"description": "Number of upper case characters (A..Z) expected in user password. <p>N < 0, to set minimum credit for having upper case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having upper case characters in the new password, i.e. per occurrence of upper case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> upper case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 upper case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of upper-case characters in password",
"type": "integer"
}
},
"title": "Configuration of authentication and password policies for the NSX node",
"type": "object"
}
AuthenticationScheme (type)
{
"additionalProperties": {},
"id": "AuthenticationScheme",
"properties": {
"scheme_name": {
"required": true,
"title": "Authentication scheme name",
"type": "string"
}
},
"type": "object"
}
AutoConf (type)
{
"description": "This type can be specified in ipv6 assignment spec of host switch if auto-conf based IPv6 assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "PolicyIpAssignmentSpec"
},
"id": "AutoConf",
"module_id": "PolicyEdgeTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "AutoConf"
},
"properties": {
"ip_assignment_type": {
"enum": [
"StaticIpv4",
"StaticIpv4Pool",
"StaticIpv4List",
"Dhcpv4",
"StaticIpv6",
"StaticIpv6Pool",
"StaticIpv6List",
"StaticIpv6MacList",
"StaticIpv4MacList",
"Dhcpv6",
"AutoConf",
"NoAssignment"
],
"required": true,
"type": "string"
}
},
"title": "Auto-conf based IPv6 assignment.",
"type": "object"
}
AutoEnableGatewayFirewallConfig (type)
{
"description": "Config to auto enable gateway firewall for new Tier1 and Tier0 gateway. By default gateway firewall is dsiabled for new VCF deployments.",
"id": "AutoEnableGatewayFirewallConfig",
"module_id": "PolicySystemConfig",
"nsx_feature": "AutoEnableFirewallOnNewGateway",
"properties": {
"auto_enable_firewall_on_new_gateway": {
"description": "Flag auto enables or disables if set to false, gateway firewall for new Tier1 and Tier0 gateways. Flag doesn't change gateway firewall status of existing gateways.",
"required": true,
"title": "Auto Enable Gateway Firewall",
"type": "boolean"
}
},
"title": "Auto Enable Gateway Firewall",
"type": "object"
}
AutoRds (type)
{
"description": "This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations.",
"id": "AutoRds",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"l2_auto_rds": {
"items": {
"$ref": "L2AutoRD"
},
"title": "List of layer 2 Auto assigned Route Distinguisher",
"type": "array"
},
"l3_auto_rd": {
"description": "This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway.",
"title": "Layer 3 Auto assigned Route Distinguisher",
"type": "string"
}
},
"title": "Auto assigned Route Distinguishers",
"type": "object"
}
AutomaticHealthCheck (type)
{
"description": "Health check performed by system automatically on a specific transport zone. For overlay based zone, health check is performed on corresponding N-VDS of each transport node with the VLAN and MTU specified by uplink profile of N-VDS for the node. For VLAN based zone, health check is performed on corresponding N-VDS of each transport node with MTU specified by uplink profile of N-VDS for the node and VLAN specified by all logical switches in this zone.",
"id": "AutomaticHealthCheck",
"module_id": "HealthCheck",
"properties": {
"result": {
"$ref": "HealthCheckResult",
"readonly": true
},
"transport_zone_id": {
"description": "ID of the transport zone where this automatic health check is performed.",
"readonly": true,
"title": "Transport Zone ID",
"type": "string"
}
},
"title": "Automatic Health Check",
"type": "object"
}
AutomaticHealthCheckListResult (type)
{
"description": "Automatic health check list result for query with list parameters.",
"extends": {
"$ref": "ListResult"
},
"id": "AutomaticHealthCheckListResult",
"module_id": "HealthCheck",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AutomaticHealthCheck"
},
"readonly": true,
"title": "Automatic Health Check List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Automatic Health Checks",
"type": "object"
}
AutomaticHealthCheckToggle (type)
{
"description": "Toggle to enable/disable automatic health check.",
"extends": {
"$ref": "ManagedResource"
},
"id": "AutomaticHealthCheckToggle",
"module_id": "HealthCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"required": true,
"title": "Status of automatic health check",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Automatic Health Check Toggle",
"type": "object"
}
AviConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a AVI type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo"
},
"id": "AviConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "AviConnectionInfo"
},
"properties": {
"certificate": {
"description": "Certificate used when on-borading workflow created by LCM/VCF.",
"required": false,
"title": "Certificate used when on-borading workflow created by LCM/VCF.",
"type": "string"
},
"cloud": {
"deprecated": true,
"description": "Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity.",
"required": false,
"sensitive": false,
"title": "Cloud",
"type": "string"
},
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"is_default_cert": {
"description": "Advanced Load Balancer controller using default portal certificate.",
"required": false,
"title": "Advanced Load Balancer controller using default portal certificate.",
"type": "boolean"
},
"managed_by": {
"description": "Managed by used when on-borading workflow created by LCM/VCF.",
"required": false,
"title": "Managed by used when on-borading workflow created by LCM/VCF.",
"type": "string"
},
"password": {
"description": "Password or Token for Avi Controller.",
"required": true,
"sensitive": true,
"title": "Password or Token for Avi Controller",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"status": {
"$ref": "ALBEnforcementPointState",
"default": "DEACTIVATE_API",
"description": "This is connection property which checks whether ALB is connected to the controller. Enum options - ACTIVATE, DEACTIVATE_PROVIDER, DEACTIVATE_API. Default value is DEACTIVATE_API.",
"required": true,
"title": "Enforcement point state for ALB"
},
"tenant": {
"description": "A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant",
"required": true,
"sensitive": false,
"title": "Tenant",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
},
"version": {
"deprecated": true,
"description": "Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs",
"required": false,
"sensitive": false,
"title": "Version",
"type": "string"
}
},
"title": "Avi Connection Info",
"type": "object"
}
AviEndPoint (type)
{
"additionalProperties": false,
"description": "Details about the AVI LB endpoint",
"id": "AviEndPoint",
"module_id": "Migration",
"properties": {
"avi_endpoint_ip": {
"description": "IP address of the AVI LB endpoint.",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "IP address of the AVI LB endpoint",
"type": "string"
},
"avi_endpoint_password": {
"description": "Password for AVI LB endpoint.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Password for AVI LB endpoint",
"type": "secure_string"
},
"avi_endpoint_port": {
"default": 443,
"description": "AVI LB endpoint port.",
"readonly": false,
"required": false,
"title": "AVI LB endpoint port",
"type": "int"
},
"avi_endpoint_username": {
"description": "Username for AVI LB endpoint.",
"readonly": false,
"required": true,
"title": "Username for AVI LB endpoint",
"type": "string"
}
},
"title": "AVI LB endpoint details",
"type": "object"
}
Axes (type)
{
"additionalProperties": false,
"description": "Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.",
"id": "Axes",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"x_label": {
"$ref": "Label",
"decription": "Describes the X axis of a graph. If x_label is not specified, the label will not appear for X axis. To have a support for mulitple condition use 'x-labels' property.",
"title": "Label for X axis of a graph"
},
"x_labels": {
"description": "A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used.",
"items": {
"$ref": "Label"
},
"minItems": 0,
"title": "A list of X-Axis Labels with condition support.",
"type": "array"
},
"y_axis_unit_labels": {
"description": "A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc.",
"items": {
"$ref": "Label"
},
"minItems": 0,
"title": "A list of Y-Axis unit Labels with condition support.",
"type": "array"
},
"y_axis_units": {
"description": "A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc.",
"items": {
"$ref": "AxisUnit"
},
"minItems": 0,
"title": "A list of Y-Axis unit with condition support.",
"type": "array"
},
"y_label": {
"$ref": "Label",
"decription": "Describes the Y axis of a graph. If y_label is not specified, the label will not appear for Y axis.",
"title": "Label for Y axis of a graph"
},
"y_labels": {
"description": "A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used.",
"items": {
"$ref": "Label"
},
"minItems": 0,
"title": "A list of Y-Axis Labels with condition support.",
"type": "array"
}
},
"title": "Axes of a graph",
"type": "object"
}
AxisUnit (type)
{
"additionalProperties": false,
"description": "Represents X and Y axis unit of a graph.",
"id": "AxisUnit",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"unit": {
"description": "An Axis unit.",
"enum": [
"COUNT",
"PERCENT",
"BYTES",
"MILLISECONDS",
"SECONDS",
"MINUTE",
"HOUR",
"DAY",
"KILO_BYTES",
"MEGA_BYTES",
"GIGA_BYTES"
],
"title": "An Axis unit.",
"type": "string"
}
},
"title": "Axis unit of a graph",
"type": "object"
}
BFDDiagnosticCount (type)
{
"additionalProperties": false,
"id": "BFDDiagnosticCount",
"module_id": "Heatmap",
"properties": {
"administratively_down_count": {
"description": "Number of tunnels with administratively down diagnostic message",
"title": "Number of tunnels with administratively message",
"type": "integer"
},
"concatenated_path_down_count": {
"description": "Number of tunnels with concatenated path down diagnostic message",
"title": "Number of tunnels with concatenated message",
"type": "integer"
},
"control_detection_time_expired_count": {
"description": "Number of tunnels with control detection time expired diagnostic message",
"title": "Number of tunnels with expired message",
"type": "integer"
},
"echo_function_failed_count": {
"description": "Number of tunnels with echo function failed diagnostic message",
"title": "Number of tunnels with failed message",
"type": "integer"
},
"forwarding_plane_reset_count": {
"description": "Number of tunnels with forwarding plane reset diagnostic message",
"title": "Number of tunnels with reset message",
"type": "integer"
},
"neighbor_signaled_session_down_count": {
"title": "Number of tunnels neighbor signaled session down",
"type": "integer"
},
"no_diagnostic_count": {
"title": "Number of tunnels with no diagnostic",
"type": "integer"
},
"path_down_count": {
"description": "Number of tunnels with path down diagnostic message",
"title": "Number of tunnels with path down message",
"type": "integer"
},
"reverse_concatenated_path_down_count": {
"description": "Number of tunnels with reverse concatenated path down diagnostic message",
"title": "Number of tunnels with reverse message",
"type": "integer"
}
},
"type": "object"
}
BFDProperties (type)
{
"additionalProperties": false,
"id": "BFDProperties",
"module_id": "Tunnel",
"properties": {
"active": {
"readonly": true,
"required": false,
"title": "True if tunnel is active in a gateway HA setup",
"type": "boolean"
},
"bfd_encap": {
"description": "The encapsulation type of BFD. GENEVE - BFD with GENEVE encapsulation NONE - BFD with no encapsulation UNKNOWN_ENCAP - BFD with unknown encapsulation",
"enum": [
"GENEVE",
"NONE",
"UNKNOWN_ENCAP"
],
"title": "BFD encapsulation type",
"type": "string"
},
"diagnostic": {
"description": "A short message indicating what the BFD session thinks is wrong in case of a problem",
"readonly": true,
"required": false,
"title": "Diagnostic message of a problem",
"type": "string"
},
"forwarding": {
"readonly": true,
"required": false,
"title": "True if the BFD session believes this interface may be used to forward traffic",
"type": "boolean"
},
"remote_diagnostic": {
"description": "A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem",
"readonly": true,
"required": false,
"title": "Diagnostic message of a problem",
"type": "string"
},
"remote_state": {
"enum": [
"UNKNOWN_STATE",
"ADMIN_DOWN",
"DOWN",
"INIT",
"UP"
],
"readonly": true,
"required": false,
"title": "State of the remote interface's BFD session",
"type": "string"
},
"state": {
"enum": [
"UNKNOWN_STATE",
"ADMIN_DOWN",
"DOWN",
"INIT",
"UP"
],
"readonly": true,
"required": false,
"title": "State of the BFD session",
"type": "string"
}
},
"title": "BFD information",
"type": "object"
}
BFDStatusCount (type)
{
"additionalProperties": false,
"id": "BFDStatusCount",
"module_id": "Heatmap",
"properties": {
"bfd_admin_down_count": {
"title": "Number of tunnels in BFD admin down state",
"type": "int"
},
"bfd_down_count": {
"title": "Number of tunnels in BFD down state",
"type": "int"
},
"bfd_init_count": {
"title": "Number of tunnels in BFD init state",
"type": "int"
},
"bfd_up_count": {
"title": "Number of tunnels in BFD up state",
"type": "int"
}
},
"type": "object"
}
BGPCommunityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "BGPCommunityList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"communities": {
"description": "Array of BGP communities",
"items": {
"type": "string"
},
"required": true,
"title": "BGP community list",
"type": "array"
},
"community_type": {
"default": "NormalBGPCommunity",
"description": "BGP community type. It has two types as NormalBGPCommunity BGP normal community which includes well-known community name as well as community value in range from [1-4294967295] or value in aa:nn format(aa/nn range from 1-65535). LargeBGPCommunity BGP large community which includes community value in aa:bb:nn format where aa, bb, nn are unsigned integers in the range [1-4294967295].",
"enum": [
"NormalBGPCommunity",
"LargeBGPCommunity"
],
"title": "BGP community type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BGPCommunityListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BGPCommunityListListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paginated list of bgp community lists",
"items": {
"$ref": "BGPCommunityList"
},
"required": false,
"title": "List of bgp communities",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BMCClusterInfo (type)
{
"additionalProperties": false,
"description": "BMC cluster status info.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BMCClusterInfo",
"module_id": "PolicyBMCMonitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"detail": {
"description": "The detailed description of BM control cluster node status, indicating why not healthy.",
"title": "BMC status description",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "BMCStatus",
"readonly": true,
"title": "The status of BM control cluster node."
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"description": "The update timestamp of BM control cluster node status, and time unit is millisecond.",
"title": "Update timestamp"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "The version of BM control cluster node.",
"title": "BMC version",
"type": "string"
}
},
"title": "BMC cluster info",
"type": "object"
}
BMCClusterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "BMCClusterListRequestParameters",
"module_id": "PolicyBMCMonitoring",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BMC cluster list request parameters",
"type": "object"
}
BMCClusterListResult (type)
{
"additionalProperties": false,
"description": "Paged list of BMC Cluster list.",
"extends": {
"$ref": "ListResult"
},
"id": "BMCClusterListResult",
"module_id": "PolicyBMCMonitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BMCClusterInfo"
},
"required": true,
"title": "BMC cluster list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BMC Cluster list",
"type": "object"
}
BMCStatus (type)
{
"additionalProperties": false,
"description": "BM cluster status enum. If lose connection, status will be UNKNOWN",
"enum": [
"HEALTHY",
"DEGRADED",
"FAILED",
"UNKNOWN"
],
"id": "BMCStatus",
"module_id": "PolicyBMCMonitoring",
"title": "BMC status",
"type": "string"
}
BackupConfiguration (type)
{
"additionalProperties": false,
"id": "BackupConfiguration",
"module_id": "BackupConfiguration",
"properties": {
"after_inventory_update_interval": {
"maximum": 86400,
"minimum": 300,
"required": false,
"title": "A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups.",
"type": "integer"
},
"backup_enabled": {
"default": false,
"title": "true if automated backup is enabled",
"type": "boolean"
},
"backup_schedule": {
"$ref": "BackupSchedule",
"title": "Set when backups should be taken - on a weekly schedule or at regular intervals."
},
"inventory_summary_interval": {
"default": 240,
"maximum": 3600,
"minimum": 30,
"title": "The minimum number of seconds between each upload of the inventory summary to backup server.",
"type": "integer"
},
"passphrase": {
"description": "Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character).",
"sensitive": true,
"title": "Passphrase used to encrypt backup files.",
"type": "secure_string"
},
"remote_file_server": {
"$ref": "RemoteFileServer",
"required": false,
"title": "The server to which backups will be sent."
}
},
"title": "Configuration for taking manual/automated backup",
"type": "object"
}
BackupFrameRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters (site_id, etc), that describes a backup/restore frame",
"id": "BackupFrameRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"site_id": {
"default": "localhost",
"description": "Site ID of LM site, which will be supported in a frame",
"required": false,
"title": "Site ID",
"type": "string"
}
},
"title": "Backup Frame Request Parameters",
"type": "object"
}
BackupOperationHistory (type)
{
"additionalProperties": false,
"id": "BackupOperationHistory",
"module_id": "BackupConfiguration",
"properties": {
"cluster_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus"
},
"required": false,
"title": "Statuses of previous cluster backups",
"type": "array"
},
"inventory_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus"
},
"required": false,
"title": "Statuses of previous inventory backups",
"type": "array"
},
"node_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus"
},
"required": false,
"title": "Statuses of previous node backups",
"type": "array"
},
"overall_backup_status": {
"description": "This attribute is used to indicate the overall backup status",
"enum": [
"NOT_AVAILABLE",
"IN_PROGRESS",
"SUCCESS",
"FAILED"
],
"required": false,
"title": "Overall status of last backup",
"type": "string"
}
},
"title": "Past backup operation details",
"type": "object"
}
BackupOperationStatus (type)
{
"additionalProperties": false,
"id": "BackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": true,
"title": "Unique identifier of a backup",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "Time when operation was ended"
},
"error_code": {
"enum": [
"BACKUP_NOT_RUN_ON_MASTER",
"BACKUP_SERVER_UNREACHABLE",
"BACKUP_AUTHENTICATION_FAILURE",
"BACKUP_PERMISSION_ERROR",
"BACKUP_TIMEOUT",
"BACKUP_BAD_FINGERPRINT",
"BACKUP_GENERIC_ERROR",
"UPGRADE_IN_PROGRESS",
"CERTIFICATE_ROTATION_IN_PROGRESS"
],
"required": false,
"title": "Error code",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error code details",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "Time when operation was started"
},
"success": {
"required": true,
"title": "True if backup is successfully completed, else false",
"type": "boolean"
}
},
"readOnly": true,
"title": "Backup operation status",
"type": "object"
}
BackupOverview (type)
{
"description": "Data for a single backup/restore card",
"extends": {
"$ref": "ClusterBackupInfoListResult"
},
"id": "BackupOverview",
"module_id": "BackupConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"backup_config": {
"$ref": "BackupConfiguration",
"description": "Configuration to generate a manual/automated backup",
"required": true,
"title": "Backup configuration"
},
"backup_operation_history": {
"$ref": "BackupOperationHistory",
"description": "Status of the last backup execution per component",
"required": true,
"title": "Last backup status"
},
"current_backup_operation_status": {
"$ref": "CurrentBackupOperationStatus",
"description": "Backup status decribes type, phase, success/failure and time of a | latest backup execution",
"required": true,
"title": "Current backup status"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"restore_status": {
"$ref": "ClusterRestoreStatus",
"description": "Status of restore process executing/executed on appliance",
"required": true,
"title": "Current restore status"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo"
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview",
"type": "object"
}
BackupOverviewRequestParameters (type)
{
"description": "Parameters, that REST API client needs to provide, in order to get data for a backup/restore card with or without a list of generated backups.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BackupOverviewRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"show_backups_list": {
"default": true,
"description": "True to request a list of backups",
"required": false,
"title": "Need a list of backups",
"type": "boolean"
},
"site_id": {
"default": "localhost",
"description": "UUID of LM site, which will be supported in a frame",
"required": false,
"title": "UUID of the site",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview request parameters",
"type": "object"
}
BackupSchedule (type)
{
"abstract": true,
"id": "BackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
}
},
"title": "Abstract base type for Weekly or Interval Backup Schedule",
"type": "object"
}
BackupUiFramesInfo (type)
{
"id": "BackupUiFramesInfo",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"readonly": true,
"required": false,
"title": "Does site have active GM",
"type": "string"
},
"api_endpoint": {
"enum": [
"global-manager",
"nsxapi",
"ica"
],
"readonly": true,
"required": true,
"title": "prefix to be used for api call",
"type": "string"
},
"frame_type": {
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"help_detail": "This attribute is used to indicate the service on current\nsite or other site for which backup is handled.\nLOCAL_LOCAL_MANAGER corresponds to local LM of the site.\nLOCAL_MANAGER cprresponds to LM of other site.\n",
"readonly": true,
"required": true,
"title": "Type of service, for which backup is handled",
"type": "string"
},
"site_id": {
"readonly": true,
"required": true,
"title": "Id of the site",
"type": "string"
},
"site_version": {
"readonly": true,
"required": true,
"title": "Version of the site",
"type": "string"
}
},
"type": "object"
}
BackupUiFramesInfoList (type)
{
"id": "BackupUiFramesInfoList",
"properties": {
"backup_frames_list": {
"items": {
"$ref": "BackupUiFramesInfo"
},
"readonly": true,
"required": true,
"title": "List of backup frames(and metadata) to be displayed in UI",
"type": "array"
}
},
"type": "object"
}
BareMetalServer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource"
},
"id": "BareMetalServer",
"module_id": "BareMetalServerInventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cpu_cores": {
"description": "Number of CPU cores of the bare metal server in the NSX.",
"required": false,
"title": "CPU cores",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External id to identify the bare metal server in the NSX.",
"required": true,
"title": "External id",
"type": "string"
},
"os_info": {
"$ref": "OsInfo",
"description": "OS information of the bare metal server in the NSX.",
"required": false,
"title": "OS information"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source_id": {
"description": "Identifier of the source from where the bare metal server is discovered, bare metal controller in this case.",
"required": false,
"title": "Source id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BareMetalServerGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing BMS external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "BareMetalServerGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"bms_external_id": {
"required": true,
"title": "BMS external ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing BMS external ID and enforcement point path",
"type": "object"
}
BareMetalServerInterface (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource"
},
"id": "BareMetalServerInterface",
"module_id": "BareMetalServerInventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"bms_external_id": {
"description": "External ID of the bare metal server to which this interface belongs.",
"required": false,
"title": "BMS External ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External id to identify the bare metal server interface in the NSX.",
"required": true,
"title": "External id",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the bare metal server interface",
"items": {
"type": "string"
},
"required": false,
"title": "IP address",
"type": "array"
},
"is_mgmt_interface": {
"description": "It is a boolean flag which indicates whether the interface is management interface or not If set to true, indicates the given interface is management interface If set to false, indicates the given interface is not management interface.",
"required": false,
"title": "Flag for management interface",
"type": "boolean"
},
"mac_address": {
"description": "MAC address of the bare metal server interface.",
"required": false,
"title": "MAC address",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source_id": {
"description": "Id of the bare metal controller (BMC) which is discovering Bare Metal Server.",
"required": false,
"title": "Source id",
"type": "string"
},
"state": {
"description": "State of the the bare metal server interface.",
"enum": [
"INVALID",
"UNKNOWN",
"UP",
"DOWN"
],
"required": false,
"title": "State",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BareMetalServerInterfaceGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing BMSI external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "BareMetalServerInterfaceGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"bmsi_external_id": {
"required": true,
"title": "BMSI external ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing BMSI external ID and enforcement point path",
"type": "object"
}
BareMetalServerInterfaceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BareMetalServerInterfaceListRequestParameters",
"module_id": "BareMetalServerInventory",
"properties": {
"bms_external_id": {
"description": "Optional, valid external id of the bare metal server for which interfaces are to be retrieved specified to filter bare metal server interface.",
"required": false,
"title": "Bms external id",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "Optional, valid display name of bare metal server interface as request parameter specified to filter bare metal server interface.",
"required": false,
"title": "Interface name",
"type": "string"
},
"external_id": {
"description": "Optional, valid external id of bare metal server interface as request parameter specified to filter bare metal server interface.",
"required": false,
"title": "External Id",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source_id": {
"description": "Optional, valid id of the bare metal controller as request parameter specified to filter bare metal server interface.",
"required": false,
"title": "Source id",
"type": "string"
}
},
"title": "Bare metal server interface list request parameters.",
"type": "object"
}
BareMetalServerInterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BareMetalServerInterfaceListResult",
"module_id": "BareMetalServerInventory",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BareMetalServerInterface"
},
"required": true,
"title": "bare metal interfaces details",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BareMetalServerInterfaceTagList (type)
{
"additionalProperties": false,
"id": "BareMetalServerInterfaceTagList",
"module_id": "BareMetalServerTag",
"properties": {
"bms_interface_external_id": {
"required": true,
"title": "External id of the bare metal server interface to which tags are to be applied",
"type": "string"
},
"tags": {
"help_detail": "The list includes user defined tags.",
"items": {
"$ref": "Tag"
},
"required": true,
"title": "List of tags to be applied to the bare metal server Interface",
"type": "array"
}
},
"type": "object"
}
BareMetalServerListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BareMetalServerListRequestParameters",
"module_id": "BareMetalServerInventory",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "Optional, valid display name of bare metal server specified as request parameter to filter bare metal server.",
"required": false,
"title": "Display name",
"type": "string"
},
"external_id": {
"description": "Optional, valid external id of bare metal server specified as request parameter to filter bare metal server.",
"required": false,
"title": "External id",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source_id": {
"description": "Optional, valid id of the bare metal controller discovering bare metal server specified as request parameter to filter bare metal server.",
"required": false,
"title": "Source id",
"type": "string"
}
},
"title": "Bare metal server list request parameters",
"type": "object"
}
BareMetalServerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BareMetalServerListResult",
"module_id": "BareMetalServerInventory",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BareMetalServer"
},
"required": true,
"title": "Bare metal server details",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BareMetalServerTagList (type)
{
"additionalProperties": false,
"id": "BareMetalServerTagList",
"module_id": "BareMetalServerTag",
"properties": {
"bms_external_id": {
"description": "External id of the bare metal server to which tags are to be applied.",
"required": true,
"title": "External id",
"type": "string"
},
"tags": {
"description": "List of tags to be applied to the bare metal server.",
"help_detail": "The list includes user defined tags.",
"items": {
"$ref": "Tag"
},
"required": true,
"title": "Tags",
"type": "array"
}
},
"type": "object"
}
BaseConsolidatedStatusPerEnforcementPoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP"
},
"id": "BaseConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus",
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Base class for ConsolidatedStatusPerEnforcementPoint",
"type": "object"
}
BaseCountObservation (type)
{
"description": "The count action results from aggregating checkpoints per port.",
"extends": {
"$ref": "CountObservation"
},
"id": "BaseCountObservation",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "BaseCountObservation"
},
"properties": {
"checkpoints": {
"$ref": "CheckpointCounterResult",
"description": "The count result from checkpoints associated with this port",
"readonly": true,
"required": false,
"title": "Count result from checkpoints associated with this port"
},
"port_id": {
"description": "The port identifier in UUID format. This field won't appear together with port_name.",
"readonly": true,
"required": false,
"title": "Port ID",
"type": "string"
},
"port_name": {
"description": "The port name for a port. It applies to ports like the uplink port. This field won't appear together with port_id.",
"readonly": true,
"required": false,
"title": "Port Name",
"type": "string"
},
"resource_type": {
"required": true,
"title": "Type of count observation",
"type": "string"
},
"transport_node_id": {
"description": "This field tells which transport node the checkpoints are reported from.",
"readonly": true,
"required": false,
"title": "Transport node ID",
"type": "string"
}
},
"type": "object"
}
BaseEdgeStatisticsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters"
},
"id": "BaseEdgeStatisticsRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BaseEndpoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an endpoint which will be used as subject in rule. It is a polymorphic type object which can be either of the types - 1. Virtual 2. Logical We have 2 separate objects representing these 2 types. VirtualEndPoint for Virtual type and ServiceInstanceEndpoint for Logical.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BaseEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An endpoint to be used in redirection rule",
"type": "object"
}
BaseFirewallProfile (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "BaseFirewallProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseHostSwitchProfile (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "BaseHostSwitchProfile",
"module_id": "BaseHostSwitchProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseInterfaceGroup (type)
{
"additionalProperties": false,
"description": "Tier0/Tier1 Interface group for interface grouping.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BaseInterfaceGroup",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of interface reference. Interface must belong to same location.",
"items": {
"$ref": "GatewayInterfaceReference"
},
"required": false,
"title": "Tier0/Tier1 interface memeber list",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base gateway Interface group",
"type": "object"
}
BaseListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BaseListRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BaseNodeAggregateInfo (type)
{
"additionalProperties": false,
"id": "BaseNodeAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"display_name": {
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_interface_properties": {
"items": {
"$ref": "NodeInterfaceProperties"
},
"readonly": true,
"title": "Array of Node interface statistic properties",
"type": "array"
},
"node_interface_statistics": {
"items": {
"$ref": "NodeInterfaceStatisticsProperties"
},
"readonly": true,
"title": "Array of Node network interface statistic properties",
"type": "array"
},
"node_status": {
"$ref": "ClusterNodeStatus",
"readonly": true
},
"node_status_properties": {
"items": {
"$ref": "NodeStatusProperties"
},
"title": "Time series of the node's system properties",
"type": "array"
}
},
"type": "object"
}
BasePktCapResource (type)
{
"abstract": true,
"id": "BasePktCapResource",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"required": true,
"title": "Type of packet capture resource",
"type": "string"
}
},
"type": "object"
}
BasePolicyServiceInstance (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an instance of partner Service and its configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BasePolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an instance of partner Service and its configuration",
"type": "object"
}
BaseRule (type)
{
"additionalProperties": false,
"description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BaseRule",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group",
"Segment"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry"
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule represent base properties for ,dfw, forwarding, redirection rule",
"type": "object"
}
BaseRuleListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "BaseRuleListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
BaseServiceInstance (type)
{
"abstract": true,
"description": "The deployment of a registered service. service instance is instantiation of service.",
"extends": {
"$ref": "ManagedResource"
},
"id": "BaseServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType",
"required": true
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Base Instance of a service",
"type": "object"
}
BaseServiceProfile (type)
{
"description": "Base Service Profile",
"extends": {
"$ref": "ManagedResource"
},
"id": "BaseServiceProfile",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'",
"required": true,
"title": "Service Profile Resource type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base Service Profile",
"type": "object"
}
BaseSwitchingProfile (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "BaseSwitchingProfile",
"module_id": "BaseSwitchingProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseTier0Interface (type)
{
"additionalProperties": false,
"description": "Tier-0 interface configuration for external connectivity.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BaseTier0Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet"
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-0 interface configuration",
"type": "object"
}
BasicAuthenticationScheme (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AuthenticationScheme"
},
"id": "BasicAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"basic"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^.+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
BatchParameter (type)
{
"id": "BatchParameter",
"module_id": "Common",
"properties": {
"atomic": {
"default": false,
"description": "This flag is ignored. Transactional atomicity is no longer supported.",
"required": false,
"title": "Ignored (transactional atomicity flag)",
"type": "boolean"
}
},
"title": "Options that affect how batch operations are processed",
"type": "object"
}
BatchRequest (type)
{
"id": "BatchRequest",
"module_id": "Common",
"properties": {
"continue_on_error": {
"default": true,
"description": "Continue even if an error is encountered.",
"required": false,
"type": "boolean"
},
"requests": {
"items": {
"$ref": "BatchRequestItem"
},
"sensitive": true,
"type": "array"
}
},
"title": "A set of operations to be performed in a single batch",
"type": "object"
}
BatchRequestItem (type)
{
"id": "BatchRequestItem",
"module_id": "Common",
"properties": {
"body": {
"type": "object"
},
"method": {
"description": "http method type",
"enum": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"required": true,
"title": "method type(POST/PUT/DELETE/UPDATE)",
"type": "string"
},
"uri": {
"description": "relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters",
"required": true,
"title": "Internal uri of the call",
"type": "string"
}
},
"title": "A single request within a batch of operations",
"type": "object"
}
BatchResponse (type)
{
"additionalProperties": false,
"id": "BatchResponse",
"module_id": "Common",
"properties": {
"has_errors": {
"description": "Indicates if any of the APIs failed",
"title": "errors indicator",
"type": "boolean"
},
"results": {
"items": {
"$ref": "BatchResponseItem"
},
"required": true,
"title": "Bulk list results",
"type": "array"
},
"rolled_back": {
"description": "Optional flag indicating that all items were rolled back even if succeeded initially",
"title": "indicates if all items were rolled back.",
"type": "boolean"
}
},
"title": "The reponse to a batch operation",
"type": "object"
}
BatchResponseItem (type)
{
"id": "BatchResponseItem",
"module_id": "Common",
"properties": {
"body": {
"description": "object returned by api",
"required": false,
"title": "object returned by api",
"type": "object"
},
"code": {
"description": "http status code",
"required": true,
"title": "object returned by api",
"type": "integer"
},
"headers": {
"description": "The headers returned by the API call",
"title": "object returned by api",
"type": "object"
}
},
"title": "A single respose in a list of batched responses",
"type": "object"
}
BfdConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "BfdConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"required": false,
"title": "Flag to enable BFD for this LogicalRouter",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"receive_interval": {
"default": 500,
"description": "the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Receive interval for heartbeats",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transmit_interval": {
"default": 500,
"description": "the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Transmit interval for heartbeats",
"type": "integer"
}
},
"title": "BFD configuration for LogicalRouter",
"type": "object"
}
BfdConfigParameters (type)
{
"id": "BfdConfigParameters",
"module_id": "Routing",
"properties": {
"declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"receive_interval": {
"default": 500,
"description": "The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 50ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 500ms.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Receive interval for heartbeats",
"type": "integer"
},
"transmit_interval": {
"default": 500,
"description": "The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Transmit interval for heartbeats",
"type": "integer"
}
},
"title": "BFD configuration for the given Peer.",
"type": "object"
}
BfdHealthMonitoringConfig (type)
{
"description": "Bfd Health Monitoring Options used specific to BFD Transport Zone profiles",
"id": "BfdHealthMonitoringConfig",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"enabled": {
"required": true,
"title": "Whether the heartbeat is enabled. A PATCH or PUT request with \"enabled\" false (with no probe intervals) will set or reset the probe_interval to their default value.",
"type": "boolean"
},
"latency_enabled": {
"description": "The flag is to turn on/off latency. A PATCH or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.",
"required": false,
"title": "Whether the latency is enabled.",
"type": "boolean"
},
"probe_interval": {
"default": 1000,
"minimum": 300,
"required": false,
"title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.",
"type": "integer"
}
},
"title": "Bfd Health Monitoring Options",
"type": "object"
}
BfdHealthMonitoringProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "TransportZoneProfile"
},
"id": "BfdHealthMonitoringProfile",
"module_id": "BfdHealthMonitoringProfile",
"polymorphic-type-descriptor": {
"type-identifier": "BfdHealthMonitoringProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"required": true,
"title": "Whether the heartbeat is enabled. A POST or PUT request with \"enabled\" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"latency_enabled": {
"description": "The flag is to turn on/off latency. A POST or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.",
"required": false,
"title": "Whether the latency is enabled.",
"type": "boolean"
},
"probe_interval": {
"default": 1000,
"minimum": 300,
"required": false,
"title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.",
"type": "integer"
},
"resource_type": {
"enum": [
"BfdHealthMonitoringProfile"
],
"help_summary": "Possible value is 'BfdHealthMonitoringProfile'",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD health monitoring",
"type": "object"
}
BfdProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BfdProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Bidirectional Forwarding Detection configuration for BGP peers",
"type": "object"
}
BfdProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of BfdProfile.",
"extends": {
"$ref": "ListResult"
},
"id": "BfdProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Bfd Profile list results.",
"items": {
"$ref": "BfdProfile"
},
"required": true,
"title": "Bfd Profile List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of BfdProfile",
"type": "object"
}
BgpAddressFamily (type)
{
"additionalProperties": false,
"id": "BgpAddressFamily",
"module_id": "AggSvcLogicalRouter",
"properties": {
"in_prefix_count": {
"description": "Count of in prefixes",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"out_prefix_count": {
"description": "Count of out prefixes",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"type": {
"description": "BGP address family type",
"enum": [
"IPV4_UNICAST",
"VPNV4_UNICAST",
"IPV6_UNICAST",
"L2VPN_EVPN",
"VPNV6_UNICAST"
],
"readonly": true,
"required": true,
"title": "BGP address family type",
"type": "string"
}
},
"type": "object"
}
BgpBfdConfig (type)
{
"additionalProperties": false,
"id": "BgpBfdConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "Flag to enable BFD cofiguration.",
"title": "Flag to enable BFD cofiguration",
"type": "boolean"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
}
},
"title": "BFD configuration for BGP peers",
"type": "object"
}
BgpConfig (type)
{
"additionalProperties": false,
"description": "BGP configuration for Tier0 logical router. We create BGP configuration while creation of Tier0 logical router.",
"extends": {
"$ref": "ManagedResource"
},
"id": "BgpConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"as_num": {
"description": "For VRF logical router, the as_num from parent logical router will be effective.",
"required": false,
"title": "4 Byte ASN in ASPLAIN/ASDOT Format",
"type": "string"
},
"as_number": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'as_num' instead. For VRF logical router, the as_number from parent logical router will be effective.",
"maximum": 4294967296,
"minimum": 1,
"required": false,
"title": "Autonomous System Number",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ecmp": {
"default": true,
"description": "While creation of BGP config this flag will be set to true User can change this value while updating BGP config. If this property is not specified in the payload, the default value will be considered as true.",
"required": false,
"title": "Flag to enable outbound ECMP",
"type": "boolean"
},
"enabled": {
"default": false,
"description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating the config. If this property is not specified in the payload, the default value will be considered as false irrespective of the high-availability mode.",
"required": false,
"title": "Flag to enable this configuration",
"type": "boolean"
},
"graceful_restart": {
"deprecated": true,
"description": "Flag to enable graceful restart. This field is deprecated, kindly use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other [i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "Flag to enable graceful restart",
"type": "boolean"
},
"graceful_restart_config": {
"$ref": "GracefulRestartConfig",
"description": "Configuration parameters for BGP Graceful Restart functionality. It has graceful_restart_mode and graceful_restart_timer parameters. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "BGP Graceful Restart configuration"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_sr_ibgp": {
"$ref": "InterSRRoutingConfig",
"required": false,
"title": "Inter SR IBGP configuration"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"multipath_relax": {
"description": "For TIER0 logical router, default is true. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "Flag to enable BGP multipath relax option.",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_aggregation": {
"items": {
"$ref": "BgpRouteAggregation"
},
"maxItems": 1000,
"minItems": 0,
"required": false,
"title": "List of routes to be aggregated",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "BGP configuration for logical router",
"type": "object"
}
BgpGracefulRestartConfig (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart mode and timer.",
"id": "BgpGracefulRestartConfig",
"module_id": "PolicyConnectivity",
"properties": {
"mode": {
"default": "HELPER_ONLY",
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"required": false,
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"timer": {
"$ref": "BgpGracefulRestartTimer",
"description": "Configuration field to hold BGP restart timers.",
"title": "BGP Graceful Restart Timer"
}
},
"title": "BGP Graceful Restart Configuration",
"type": "object"
}
BgpGracefulRestartTimer (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart timers",
"id": "BgpGracefulRestartTimer",
"module_id": "PolicyConnectivity",
"properties": {
"restart_timer": {
"default": 180,
"description": "Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Graceful Restart Timer",
"type": "integer"
},
"stale_route_timer": {
"default": 600,
"description": "Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Stale Route Timer",
"type": "integer"
}
},
"title": "BGP Graceful Restart Timers",
"type": "object"
}
BgpNeighbor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "BgpNeighbor",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_families": {
"description": "User can enable the neighbor for the specific address families and also define filters per address family. When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons. User can change that if required, by defining the address family configuration.",
"items": {
"$ref": "BgpNeighborAddressFamily"
},
"required": false,
"title": "AddressFamily settings for the neighbor",
"type": "array"
},
"allow_as_in": {
"default": false,
"required": false,
"title": "Flag to enable allowas_in option for BGP neighbor",
"type": "boolean"
},
"bfd_config": {
"$ref": "BfdConfigParameters",
"description": "By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer)",
"required": false,
"title": "BFD Configuration Parameters for the given peer."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_bfd": {
"default": false,
"description": "Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence.",
"required": false,
"title": "Enable BFD for this BGP Neighbor",
"type": "boolean"
},
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this BGP Neighbor",
"type": "boolean"
},
"filter_in_ipprefixlist_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_in_routemap_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "RouteMap to be used for IN direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_out_ipprefixlist_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_out_routemap_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "RouteMap to be used for OUT direction filter for IPV4_UNICAST address family",
"type": "string"
},
"graceful_restart_mode": {
"$ref": "GracefulRestartMode",
"description": "BGP Graceful Restart mode. If specified, then it will take precedence over global Graceful Restart mode configured in logical router BgpConfig otherwise BgpConfig level Graceful Restart mode will be applicable for peer.",
"required": false,
"title": "Graceful Restart Mode"
},
"hold_down_timer": {
"default": 180,
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Wait period (seconds) before declaring peer dead",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"keep_alive_timer": {
"default": 60,
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Frequency (seconds) with which keep alive messages are sent to peers",
"type": "integer"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"maximum_hop_limit": {
"default": 1,
"description": "This value is set on TTL(time to live) of BGP header. When router receives the BGP packet, it decrements the TTL. The default value of TTL is one when BPG request is initiated.So in the case of a BGP peer multiple hops away and and value of TTL is one, then next router in the path will decrement the TTL to 0, realize it cant forward the packet and will drop it. If the hop count value to reach neighbor is equal to or less than the maximum_hop_limit value then intermediate router decrements the TTL count by one and forwards the request to BGP neighour. If the hop count value is greater than the maximum_hop_limit value then intermediate router discards the request when TTL becomes 0.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Maximum Number of hops allowed to reach BGP neighbor",
"type": "int"
},
"neighbor_address": {
"$ref": "IPAddress",
"required": true,
"title": "Neighbor IP Address"
},
"password": {
"description": "User can create (POST) the neighbor with or without the password. The view (GET) on the neighbor, would never reveal if the password is set or not. The password can be set later using edit neighbor workFlow (PUT) On the edit neighbor (PUT), if the user does not specify the password property, the older value is retained. Maximum length of this field is 32 characters.",
"maxLength": 32,
"minLength": 1,
"required": false,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"remote_as": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'remote_as_num' instead.",
"maximum": 4294967296,
"minimum": 1,
"required": false,
"title": "Autonomous System Number of the neighbor",
"type": "integer"
},
"remote_as_num": {
"required": false,
"title": "4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_address": {
"$ref": "IPAddress",
"deprecated": true,
"description": "Deprecated - do not provide a value for this field. Use source_addresses instead.",
"required": false,
"title": "Logical Router Uplink IP Address"
},
"source_addresses": {
"description": "BGP neighborship will be formed from all these source addresses to this neighbour.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 8,
"required": false,
"title": "Array of Logical Router Uplink IP Addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BgpNeighborAddressFamily (type)
{
"id": "BgpNeighborAddressFamily",
"module_id": "Routing",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Enable this address family",
"type": "boolean"
},
"in_filter_ipprefixlist_id": {
"required": false,
"title": "Id of the IPPrefix List to be used for IN direction filter",
"type": "string"
},
"in_filter_routemap_id": {
"required": false,
"title": "Id of the RouteMap to be used for IN direction filter",
"type": "string"
},
"maximum_routes": {
"minimum": 0,
"required": false,
"title": "Maximum number of routes supported on the address family",
"type": "integer"
},
"out_filter_ipprefixlist_id": {
"required": false,
"title": "Id of the IPPrefixList to be used for OUT direction filter",
"type": "string"
},
"out_filter_routemap_id": {
"required": false,
"title": "Id of the RouteMap to be used for OUT direction filter",
"type": "string"
},
"type": {
"$ref": "AddressFamilyType",
"required": true,
"title": "Address family type"
}
},
"type": "object"
}
BgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Contains information necessary to configure a BGP neighbor.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BgpNeighborConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_as_in": {
"default": false,
"required": false,
"title": "Flag to enable allowas_in option for BGP neighbor",
"type": "boolean"
},
"bfd": {
"$ref": "BgpBfdConfig",
"description": "BFD configuration for failure detection. BFD is enabled with default values when not configured.",
"title": "BFD configuration for failure detection"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable/disable BGP peering. Disabling will stop the BGP peering. True - indicates enable BGP peering, False - indicates disable BGP peering. Default is True.",
"required": false,
"title": "Flag to enable/disable BGP peering.",
"type": "boolean"
},
"graceful_restart_mode": {
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"hold_down_time": {
"default": 180,
"description": "Wait time in seconds before declaring peer dead.",
"maximum": 65535,
"minimum": 1,
"title": "Wait time in seconds before declaring peer dead",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"in_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"keep_alive_time": {
"default": 60,
"description": "Interval (in seconds) between keep alive messages sent to peer.",
"maximum": 65535,
"minimum": 1,
"title": "Interval between keep alive messages sent to peer",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_hop_limit": {
"default": 1,
"description": "Maximum number of hops allowed to reach BGP neighbor.",
"maximum": 255,
"minimum": 1,
"title": "Maximum number of hops allowed to reach BGP neighbor",
"type": "int"
},
"neighbor_address": {
"$ref": "IPAddress",
"required": true,
"title": "Neighbor IP Address"
},
"neighbor_local_as_config": {
"$ref": "BgpNeighborLocalAsConfig",
"description": "Configuration field to hold the Local AS config for BGP Neighbor",
"required": false,
"title": "Local as configuration for BGP Neighbor"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"out_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "Specify password for BGP neighbor authentication. Empty string (\"\") clears existing password.",
"maxLength": 32,
"minLength": 0,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_as_num": {
"required": true,
"title": "4 Byte ASN of the neighbor in ASPLAIN Format",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_filtering": {
"description": "Enable address families and route filtering in each direction.",
"items": {
"$ref": "BgpRouteFiltering"
},
"maxItems": 2,
"required": false,
"title": "Enable address families and route filtering in each direction",
"type": "array"
},
"source_addresses": {
"description": "Source addresses should belong to Tier0 external or loopback or VTI interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 8,
"required": false,
"title": "Source IP Addresses for BGP peering",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_SOURCE_ADDRESS_TIER0_INTERFACE_RELATIONSHIP",
"rightType": [
"Tier0Interface"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP neighbor config",
"type": "object"
}
BgpNeighborConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "BgpNeighborConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routing Config list request parameters",
"type": "object"
}
BgpNeighborConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BgpNeighborConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BgpNeighborConfig"
},
"required": true,
"title": "BGP neighbor configs list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of BGP Neighbor Configs",
"type": "object"
}
BgpNeighborListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BgpNeighborListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BgpNeighbor"
},
"required": true,
"title": "Paginated list of bgp neighbors",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpNeighborLocalAsConfig (type)
{
"additionalProperties": false,
"id": "BgpNeighborLocalAsConfig",
"module_id": "PolicyConnectivity",
"properties": {
"as_path_modifier_type": {
"description": "Optional parameter. If this property is not set, by default BGP prepends neighbor's local_as_num value to the AS_PATH for BOTH outgoing and incoming route advertisements from the peer neighbor. By setting one of the following value, user can modify the default prepend action on the AS_PATH in both inbound and outbound direction. NO_PREPEND: If type is NO_PREPEND, then the local router will NOT prepend the incoming advertisement from that peer with neighbor's local_as_num, so the AS path advertised will now prepend only the BGP local-as of the router. NO_PREPEND_REPLACE_AS - If type is \"NO_PREPEND_REPLACE_AS\", then the local routes will be advertised with the neighbor's local-as instead of the BGP's local-as to peer router.",
"enum": [
"NO_PREPEND",
"NO_PREPEND_REPLACE_AS"
],
"required": false,
"title": "AS_PATH modifier type for BGP local AS",
"type": "string"
},
"local_as_num": {
"description": "Specify local-as number for Tier-0 to advertize to BGP peer. This overrides local_as_num configured in the BgpRoutingConfig object. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. It is supported for BgpNeighborConfig under both default tier0 and vrf tier0. When this capability is configured, it enables the BGP to prepend \"local_as_num\" value to the beginning of AS_PATH for BOTH outgoing and incoming route advertisements from the configured neighbor. After prepend, AS_PATH contains both \"neighbor's <local_as_num>\" and BGP's <local_as_num>.",
"required": true,
"title": "BGP neighbor local-as number in ASPLAIN/ASDOT Format",
"type": "string"
}
},
"title": "BGP neighbor local-as configuration",
"type": "object"
}
BgpNeighborRouteDetails (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"id": "BgpNeighborRouteDetails",
"module_id": "AggSvcLogicalRouter",
"properties": {
"logical_router_id": {
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress",
"description": "BGP neighbor peer IP address.",
"readonly": true,
"required": true,
"title": "Neighbor IP address"
},
"neighbor_id": {
"readonly": true,
"required": true,
"title": "BGP neighbor id",
"type": "string"
},
"per_transport_node_routes": {
"description": "Array of BGP neighbor route details per transport node.",
"items": {
"$ref": "RoutesPerTransportNode"
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRouteDetailsCsvRecord (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"extends": {
"$ref": "CsvRecord"
},
"id": "BgpNeighborRouteDetailsCsvRecord",
"module_id": "AggSvcLogicalRouter",
"properties": {
"as_path": {
"description": "BGP AS path attribute.",
"readonly": true,
"required": false,
"title": "AS path",
"type": "string"
},
"local_pref": {
"description": "BGP Local Preference attribute.",
"readonly": true,
"required": false,
"title": "Local preference",
"type": "integer"
},
"logical_router_id": {
"description": "Logical router id",
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"med": {
"description": "BGP Multi Exit Discriminator attribute.",
"readonly": true,
"required": false,
"title": "Multi Exit Discriminator",
"type": "integer"
},
"neighbor_address": {
"$ref": "IPAddress",
"description": "BGP neighbor peer IP address.",
"readonly": true,
"required": true,
"title": "Neighbor IP address"
},
"neighbor_id": {
"description": "BGP neighbor id",
"readonly": true,
"required": true,
"title": "BGP neighbor id",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock",
"description": "CIDR network address.",
"readonly": true,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress",
"description": "Next hop IP address.",
"readonly": true,
"required": false,
"title": "Next hop IP address"
},
"source_address": {
"$ref": "IPAddress",
"description": "BGP neighbor source address.",
"readonly": true,
"required": false,
"title": "BGP neighbor source address"
},
"transport_node_id": {
"description": "Transport node id",
"readonly": true,
"required": true,
"title": "Transport node id",
"type": "string"
},
"weight": {
"description": "BGP Weight attribute.",
"readonly": true,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRouteDetailsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult"
},
"id": "BgpNeighborRouteDetailsInCsvFormat",
"module_id": "AggSvcLogicalRouter",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "BgpNeighborRouteDetailsCsvRecord"
},
"required": false,
"type": "array"
}
},
"type": "object"
}
BgpNeighborRoutes (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"id": "BgpNeighborRoutes",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_routes": {
"description": "Array of BGP neighbor route details per edge node.",
"items": {
"$ref": "RoutesPerTransportNode"
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
},
"enforcement_point_path": {
"readonly": true,
"required": true,
"title": "Enforcement point policy path",
"type": "string"
},
"neighbor_path": {
"readonly": true,
"required": true,
"title": "BGP neighbor policy path",
"type": "string"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRoutesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "BgpNeighborRoutesListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Bgp neighbor routes.",
"items": {
"$ref": "BgpNeighborRoutes"
},
"required": false,
"title": "Paged Collection of Bgp neighbor routes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpNeighborStatus (type)
{
"additionalProperties": false,
"id": "BgpNeighborStatus",
"module_id": "AggSvcLogicalRouter",
"properties": {
"address_families": {
"description": "Address families of BGP neighbor",
"items": {
"$ref": "BgpAddressFamily"
},
"readonly": true,
"required": false,
"title": "Address families of BGP neighbor",
"type": "array"
},
"announced_capabilities": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities sent to BGP neighbor.",
"type": "array"
},
"connection_drop_count": {
"readonly": true,
"required": false,
"title": "Count of connection drop",
"type": "integer"
},
"connection_state": {
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current state of the BGP session.",
"type": "string"
},
"established_connection_count": {
"readonly": true,
"required": false,
"title": "Count of connections established",
"type": "integer"
},
"graceful_restart": {
"deprecated": true,
"description": "Current state of graceful restart where graceful_restart = true indicates graceful restart is enabled and graceful_restart = false indicates graceful restart is disabled. This is deprecated field, use graceful_restart_mode instead.",
"readonly": true,
"required": false,
"title": "Graceful restart flag",
"type": "boolean"
},
"graceful_restart_mode": {
"description": "Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled",
"readonly": true,
"required": false,
"title": "Graceful restart mode",
"type": "string"
},
"hold_time": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down.",
"type": "integer"
},
"intent_path": {
"readonly": true,
"title": "policy intent path of bgp neighbor",
"type": "string"
},
"keep_alive_interval": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO packet from BGP peer",
"type": "integer"
},
"local_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of Local BGP connection",
"type": "integer"
},
"lr_component_id": {
"readonly": true,
"required": true,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"messages_received": {
"readonly": true,
"required": false,
"title": "Count of messages received from the neighbor",
"type": "integer"
},
"messages_sent": {
"readonly": true,
"required": false,
"title": "Count of messages sent to the neighbor",
"type": "integer"
},
"negotiated_capability": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities negotiated with BGP neighbor.",
"type": "array"
},
"neighbor_address": {
"$ref": "IPAddress",
"readonly": true,
"required": false,
"title": "The IP of the BGP neighbor"
},
"neighbor_edge_node": {
"readonly": true,
"title": "Inter-SR bgp neighbor edge node",
"type": "string"
},
"neighbor_router_id": {
"$ref": "IPAddress",
"readonly": true,
"required": false,
"title": "Router ID of the BGP neighbor."
},
"remote_as_number": {
"readonly": true,
"required": false,
"title": "AS number of the BGP neighbor",
"type": "string"
},
"remote_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of remote BGP Connection",
"type": "integer"
},
"remote_site": {
"$ref": "ResourceReference",
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress",
"readonly": true,
"required": false,
"title": "The Ip address of logical port"
},
"time_since_established": {
"readonly": true,
"required": false,
"title": "Time(in seconds) since connection was established.",
"type": "integer"
},
"total_in_prefix_count": {
"description": "Sum of in prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"total_out_prefix_count": {
"description": "Sum of out prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"transport_node": {
"$ref": "ResourceReference",
"readonly": true,
"required": false,
"title": "Transport node id and name"
},
"type": {
"description": "BGP neighbor type",
"enum": [
"INTER_SR",
"USER"
],
"readonly": true,
"title": "BGP neighbor type",
"type": "string"
}
},
"type": "object"
}
BgpNeighborStatusLiteDto (type)
{
"additionalProperties": false,
"id": "BgpNeighborStatusLiteDto",
"module_id": "AggSvcLogicalRouter",
"properties": {
"connection_state": {
"description": "Current state of the BGP session.",
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"title": "BGP session state",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress",
"description": "Ip address of BGP neighbor.",
"readonly": true,
"title": "Neighor address"
},
"remote_site": {
"$ref": "ResourceReference",
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress",
"description": "Source Ip address.",
"readonly": true,
"title": "Source address"
}
},
"type": "object"
}
BgpNeighborsStatusListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "BgpNeighborsStatusListResult",
"module_id": "AggSvcLogicalRouter",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"logical_router_id": {
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"logical_router_name": {
"readonly": true,
"required": false,
"title": "Name of the logical router",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"items": {
"$ref": "BgpNeighborStatus"
},
"readonly": true,
"required": false,
"title": "Status of BGP neighbors of the logical router",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpRouteAggregation (type)
{
"additionalProperties": false,
"id": "BgpRouteAggregation",
"module_id": "Routing",
"properties": {
"prefix": {
"$ref": "IPCIDRBlock",
"required": true,
"title": "cidr of the aggregate address"
},
"summary_only": {
"default": true,
"required": false,
"title": "Flag to send only summarized route",
"type": "boolean"
}
},
"type": "object"
}
BgpRouteFiltering (type)
{
"additionalProperties": false,
"id": "BgpRouteFiltering",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"description": "Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration.",
"enum": [
"IPV4",
"IPV6",
"L2VPN_EVPN"
],
"title": "Address family type",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable address family.",
"title": "Enable address family",
"type": "boolean"
},
"in_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for IN direction.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"maximum_routes": {
"description": "Maximum number of routes for the address family.",
"maximum": 1000000,
"minimum": 1,
"required": false,
"title": "Maximum number of routes for the address family",
"type": "int"
},
"out_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
}
},
"title": "Enable address_families and route filtering in each direction",
"type": "object"
}
BgpRouteLeaking (type)
{
"additionalProperties": false,
"id": "BgpRouteLeaking",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"description": "Address family type. Assumed IPv4 address family when not specified.",
"enum": [
"IPV4",
"IPV6"
],
"title": "Address family type",
"type": "string"
},
"in_filter": {
"description": "Specify path of route map to filter routes for IN direction. If not specified then all exported routes from peer attachment will be imported.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "route map path for IN direction",
"type": "array"
},
"out_filter": {
"description": "Specify path of route map to filter routes for OUT direction. If not specified then all redistribute routes will be exported.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "route map path for OUT direction",
"type": "array"
}
},
"title": "BGP route leaking in each direction",
"type": "object"
}
BgpRoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters"
},
"id": "BgpRoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"count": {
"default": 1000,
"description": "Number of routes to return in response. Not used when routes are requested in CSV format.",
"minimum": 1,
"title": "Number of routes to retrieve",
"type": "int"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BGP Routes request parameters",
"type": "object"
}
BgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Contains BGP routing configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BgpRoutingConfig",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildBgpNeighborConfig",
"ChildBgpTroubleshootConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ebgp_admin_distance": {
"default": 20,
"description": "Administrative distance for IPv4 and IPv6 eBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "eBGP route administrative distance",
"type": "int"
},
"ecmp": {
"description": "Flag to enable ECMP.",
"required": false,
"title": "Flag to enable ECMP",
"type": "boolean"
},
"enabled": {
"description": "Flag to enable BGP configuration. Disabling will stop feature and BGP peering.",
"required": false,
"title": "Flag to enable BGP configuration",
"type": "boolean"
},
"graceful_restart_config": {
"$ref": "BgpGracefulRestartConfig",
"description": "Configuration field to hold BGP Restart mode and timer.",
"title": "BGP Graceful Restart Configuration"
},
"ibgp_admin_distance": {
"default": 200,
"description": "Administrative distance for IPv4 and IPv6 iBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "iBGP route administrative distance",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_sr_ibgp": {
"description": "Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode.",
"required": false,
"title": "Enable inter SR IBGP configuration",
"type": "boolean"
},
"local_as_num": {
"description": "Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0.",
"required": false,
"title": "BGP AS number in ASPLAIN/ASDOT Format",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multipath_relax": {
"description": "Flag to enable BGP multipath relax option.",
"required": false,
"title": "Flag to enable BGP multipath relax option",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_aggregations": {
"description": "List of routes to be aggregated.",
"items": {
"$ref": "RouteAggregationEntry"
},
"maxItems": 1000,
"required": false,
"title": "List of routes to be aggregated",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP routing config",
"type": "object"
}
BgpTroubleshootConfig (type)
{
"description": "Configuration field to hold BGP session diagnostics, system diagnostics and bfd control packet diagnostics.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "BgpTroubleshootConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_control_pkt_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of the timestamps of sent and received BFD control messages per BFD peer session. Enabled by default.",
"required": false,
"title": "BFD control packet diagnostics configuration for troubleshooting",
"type": "boolean"
},
"bgp_session_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of the timestamps of sent and received Keep-Alive messages per BGP peer session, and the session states. Enabled by default.",
"required": false,
"title": "BGP session diagnostics configuration for troubleshooting",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"system_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of system diagnostic data such as ARP, Ping, CPU stats, etc.",
"required": false,
"title": "BGP system diagnostics configuration for troubleshooting",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP troubleshoot config",
"type": "object"
}
BinaryPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData"
},
"id": "BinaryPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "BinaryPacketData"
},
"properties": {
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64 encoded full payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"description": "When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate.",
"required": false,
"title": "Awareness of logical routing",
"type": "boolean"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "Transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
BingdingMapStackStatusListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters for port/group/segment binding map mirror stack status.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BingdingMapStackStatusListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String path for the enforcement point.",
"required": false,
"title": "Binding map path enforcemnt point path to remote L3 mirror session",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Request parameters for binding map mirror stack status",
"type": "object"
}
BlackholeAction (type)
{
"additionalProperties": false,
"enum": [
"DISCARD"
],
"id": "BlackholeAction",
"module_id": "Routing",
"title": "Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.",
"type": "string"
}
BondPnicStatus (type)
{
"additionalProperties": false,
"description": "pNIC/bond statuses",
"id": "BondPnicStatus",
"module_id": "Heatmap",
"properties": {
"name": {
"description": "Name of the pNIC/bond",
"title": "pNIC/bond name",
"type": "string"
},
"status": {
"description": "Status of pNIC/bond",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "pNic/bond status",
"type": "string"
},
"type": {
"description": "Type, whether the object is a pNIC or a bond",
"enum": [
"UNKNOWN_TYPE",
"PNIC",
"BOND"
],
"title": "Object type",
"type": "string"
}
},
"title": "bond type pnic status",
"type": "object"
}
BpduFilter (type) (Deprecated)
{
"deprecated": true,
"id": "BpduFilter",
"module_id": "SwitchSecuritySwitchingProfile",
"properties": {
"enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether BPDU filter is enabled",
"type": "boolean"
},
"white_list": {
"items": {
"type": "string"
},
"maxItems": 32,
"minItems": 0,
"readonly": false,
"required": false,
"title": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering",
"type": "array"
}
},
"title": "BPDU filter configuration",
"type": "object"
}
BridgeEndpoint (type)
{
"description": "A bridge endpoint can be created on a bridge cluster or on an edge cluster. Few of the properties of this class will not be used depending on the type of bridge endpoint being created. When creating a bridge endpoint on a bridge cluster, following propeties will be used: vlan, bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint on an edge cluster following properties will be used: vlan, bridge_endpoint_profile_id and vlan_transport_zone_id.",
"extends": {
"$ref": "ManagedResource"
},
"id": "BridgeEndpoint",
"module_id": "BridgeEndpoint",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bridge_cluster_id": {
"description": "This field will not be used if an edge cluster is being used for the bridge endpoint",
"maxLength": 36,
"required": false,
"title": "UUID of the bridge cluster for this bridge endpoint",
"type": "string"
},
"bridge_endpoint_profile_id": {
"description": "This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "Bridge endpoint profile used by the edge cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_enable": {
"default": true,
"description": "This field will not be used if an edge cluster is being used for the bridge endpoint",
"required": false,
"title": "Controls the enabling of HA on the VLAN for this endpoint",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_teaming_policy_name": {
"description": "This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "The name of the switching uplink teaming policy for the bridge endpoint",
"type": "string"
},
"vlan": {
"$ref": "VlanID",
"description": "This property is used for VLAN specification of bridge endpoint. It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec' should be specified.",
"required": false
},
"vlan_transport_zone_id": {
"description": "This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "VLAN transport zone id by the edge cluster",
"type": "string"
},
"vlan_trunk_spec": {
"$ref": "VlanTrunkSpec",
"description": "This property is used for VLAN trunk specification of edge bridge endpoint. It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec' should be specified.",
"required": false,
"title": "VLAN trunk spec of edge bridge endpoint"
}
},
"title": "Bridge Endpoint",
"type": "object"
}
BridgeEndpointListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "BridgeEndpointListResult",
"module_id": "BridgeEndpoint",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BridgeEndpoint"
},
"minItems": 0,
"readonly": true,
"required": true,
"title": "BridgeEndpoint Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint queries result",
"type": "object"
}
BridgeEndpointProfile (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "BridgeEndpointProfile",
"module_id": "BridgeEndpointProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"maxLength": 36,
"required": true,
"title": "UUID of the edge cluster for this bridge endpoint",
"type": "string"
},
"edge_cluster_member_indexes": {
"description": "First index will be used as the preferred member",
"items": {
"type": "int"
},
"required": false,
"title": "Indexes of the member hosts of the edge bridge cluster",
"type": "array"
},
"failover_mode": {
"default": "PREEMPTIVE",
"description": "Faileover mode can be preemmptive or non-preemptive",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode for the edge bridge cluster",
"type": "string"
},
"high_availability_mode": {
"default": "ACTIVE_STANDBY",
"description": "High avaialability mode can be active-active or active-standby",
"enum": [
"ACTIVE_STANDBY"
],
"required": false,
"title": "High availability mode for the edge bridge cluster",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Bridge Endpoint Profile",
"type": "object"
}
BridgeEndpointProfileListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "BridgeEndpointProfileListResult",
"module_id": "BridgeEndpointProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BridgeEndpointProfile"
},
"minItems": 0,
"readonly": true,
"required": true,
"title": "BridgeEndpointProfile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint Profile queries result",
"type": "object"
}
BridgeEndpointProfileRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BridgeEndpointProfileRequestParameters",
"module_id": "BridgeEndpointProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_cluster_id": {
"required": false,
"title": "Edge Cluster Identifier",
"type": "string"
},
"failover_mode": {
"required": false,
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint Profile request parameters",
"type": "object"
}
BridgeEndpointRequestParameters (type)
{
"description": "When querying for bridge endpoints on a bridge cluster, following parameters can be used: bridge_cluster_id and logical_switch_id. When querying for bridge endpoints on an edge cluster, following parameters can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and logical_switch_id. When multiple parameters are provided they will be anded together. if bridge_cluster_id is used along with bridge_endpoint_profile_id or vlan_transport_zone_id an error will be thrown.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "BridgeEndpointRequestParameters",
"module_id": "BridgeEndpoint",
"properties": {
"bridge_cluster_id": {
"description": "If provided, only bridge endpoints associated with the given bridge cluster will be returned.",
"required": false,
"title": "Bridge Cluster Identifier",
"type": "string"
},
"bridge_endpoint_profile_id": {
"description": "If provided, only bridge endpoints associated with the given bridge endpoint profile will be returned.",
"required": false,
"title": "Bridge endpoint profile used by the edge cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_switch_id": {
"description": "If provided, only bridge endpoints associated with the given logical switch will be returned.",
"required": false,
"title": "Logical Switch Identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vlan_transport_zone_id": {
"description": "If provided, only bridge endpoints associated with the given transport zone will be returned.",
"required": false,
"title": "VLAN transport zone id used by the edge cluster",
"type": "string"
}
},
"title": "Bridge Endpoint request parameters",
"type": "object"
}
BridgeEndpointStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounter"
},
"id": "BridgeEndpointStatistics",
"module_id": "AggSvcBridging",
"properties": {
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"rx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter",
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter",
"readonly": true,
"required": false
}
},
"type": "object"
}
BridgeEndpointStatus (type)
{
"id": "BridgeEndpointStatus",
"module_id": "AggSvcBridging",
"properties": {
"active_nodes": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "The Ids of the transport nodes which actively serve the endpoint.",
"type": "array"
},
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
}
},
"type": "object"
}
BridgeFirewallPolicy (type)
{
"description": "Represents the Bridge Firewall Policy, which contains the list of Bridge Firewall Rules.",
"extends": {
"$ref": "Policy"
},
"id": "BridgeFirewallPolicy",
"module_id": "PolicyBridgeFirewall",
"policy_hierarchical_children": [
"ChildRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule"
},
"required": false,
"title": "Rules that are a part of this Bridge Firewall Policy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for Bridge Firewall",
"type": "object"
}
BridgeFirewallPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult"
},
"id": "BridgeFirewallPolicyListResult",
"module_id": "PolicyBridgeFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BridgeFirewallPolicy"
},
"required": true,
"title": "Bridge Firewall policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Bridge Firewall policies",
"type": "object"
}
BridgeHighAvailabilityClusterProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ClusterProfile"
},
"id": "BridgeHighAvailabilityClusterProfile",
"module_id": "BridgeHighAvailabilityClusterProfile",
"polymorphic-type-descriptor": {
"type-identifier": "BridgeHighAvailabilityClusterProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_probe_interval": {
"default": 1000,
"maximum": 60000,
"minimum": 300,
"required": false,
"title": "the time interval (in millisec) between probe packets for heartbeat purpose",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"required": false,
"title": "whether the heartbeat is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType",
"help_summary": "The cluster profile type.",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD HA cluster setting",
"type": "object"
}
BridgeProfileConfig (type)
{
"additionalProperties": false,
"description": "configuration parameters for Bridge Profile",
"id": "BridgeProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bridge_profile_path": {
"description": "Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique.",
"required": true,
"title": "Policy path to L2 Bridge profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_BRIDGE_PROFILE_RELATIONSHIP",
"rightType": [
"L2BridgeEndpointProfile"
]
},
{
"leftType": [
"VpcSubnetBridgeProfile"
],
"relationshipType": "VPC_SUBNET_BRIDGE_PROFILE_RELATIONSHIP",
"rightType": [
"L2BridgeEndpointProfile"
]
}
]
},
"uplink_teaming_policy_name": {
"description": "The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property \"vlan_transport_zone_path\". When this property is not specified, the default teaming policy of the host-switch is assigned. Do not set a value when the 'bridge_profile_path' is the path of L2DistributedBridgeEndpointProfile.",
"title": "Uplink Teaming Policy Name",
"type": "string"
},
"vlan_ids": {
"description": "VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both.",
"items": {
"type": "string"
},
"required": true,
"title": "VLAN IDs",
"type": "array"
},
"vlan_transport_zone_path": {
"description": "The path of the VLAN transport zone that represents the underlay L2 zone in which the VLANs will be bridged to overlay segments. A unique VLAN transport zone should be assigned to each underlay L2 zone when needed for bridging. If two VLANs in two underlay L2 zones are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 zones still should have two different VLAN transport zones assigned to them. It is optional for distributed-bridging but required for other bridging modes. If it is not given, the distributed bridge will span all ESX transport nodes in the overlay transport zone of the segment that contains this profile.",
"required": false,
"title": "Policy path of the VLAN transport zone assigned to the underlay L2 zone for bridging.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment",
"VpcSubnetBridgeProfile"
],
"relationshipType": "_UNOPTIMIZED_RELATIONSHIP_",
"rightType": [
"PolicyTransportZone"
]
}
]
}
},
"title": "Bridge Profile Configuration",
"type": "object"
}
BridgeProfileRequestParameters (type)
{
"additionalProperties": false,
"id": "BridgeProfileRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"bridge_profile_path": {
"description": "Policy path of Bridge profile using which a bridge end point was created.",
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Bridge profile request parameters",
"type": "object"
}
BridgingMode (type)
{
"description": "Bridging mode.",
"enum": [
"EDGE_BRIDGE"
],
"id": "BridgingMode",
"module_id": "OverlayAdoption",
"title": "Bridging mode",
"type": "string"
}
BrokerProperties (type)
{
"additionalProperties": false,
"id": "BrokerProperties",
"properties": {
"BrokerFqdn": {
"description": "Fully qualified domain name of the message bus broker on the management plane node.",
"required": false,
"type": "string"
},
"BrokerIpAddress": {
"$ref": "HostnameOrIPv4Address",
"description": "IP address or hostname of the message bus broker on the management plane node.",
"readonly": false,
"required": true
},
"BrokerIsMaster": {
"description": "Indicates whether this broker is the master.",
"type": "string"
},
"BrokerPort": {
"description": "Port number of the message bus broker on the management plane node.",
"type": "string"
},
"BrokerSslCertThumbprint": {
"description": "Certificate thumbprint of the message bus broker on the management plane node.",
"required": true,
"type": "string"
},
"BrokerVirtualHost": {
"description": "Type of host running the broker.",
"type": "string"
}
},
"title": "Information about a management plane node this transport node is configured to communicate with",
"type": "object"
}
BundleId (type)
{
"additionalProperties": false,
"description": "Identifier of the bundle.",
"id": "BundleId",
"module_id": "FileUploadFramework",
"properties": {
"bundle_id": {
"description": "Identifier of bundle upload",
"readonly": true,
"required": false,
"title": "Bundle Id",
"type": "string"
}
},
"title": "Id of bundle",
"type": "object"
}
BundleIds (type)
{
"additionalProperties": false,
"description": "Contains a list of bundle-ids.",
"id": "BundleIds",
"module_id": "FileUploadFramework",
"properties": {
"failed": {
"description": "Id of a bundle whose upload was failed.",
"readonly": true,
"required": false,
"title": "Failed bundle-Id",
"type": "string"
},
"in_progress": {
"description": "Id of a bundle whose upload is in-progress.",
"readonly": true,
"required": false,
"title": "In-progress bundle-Id",
"type": "string"
},
"successful": {
"description": "Id of a bundle whose upload is successful.",
"readonly": true,
"required": false,
"title": "Sucessful bundle-Id",
"type": "string"
}
},
"title": "List of bundle-ids",
"type": "object"
}
BundleUploadParameters (type)
{
"additionalProperties": false,
"description": "Parameters specified during bundle upload operations.",
"extends": {
"$ref": "ProductType"
},
"id": "BundleUploadParameters",
"module_id": "FileUploadFramework",
"properties": {
"file_type": {
"description": "Type of file which will be uploaded.",
"enum": [
"OVA"
],
"required": true,
"title": "Type of file",
"type": "string"
},
"product": {
"description": "Name of the appliance for which upload is performed.",
"enum": [
"SAMPLE",
"ALB_CONTROLLER",
"INTELLIGENCE"
],
"required": true,
"title": "Name of the appliance",
"type": "string"
}
},
"title": "Parameters for bundle upload",
"type": "object"
}
BundleUploadPermission (type)
{
"additionalProperties": false,
"description": "Describes whether bundle upload is allowed or not.",
"id": "BundleUploadPermission",
"module_id": "FileUploadFramework",
"properties": {
"reason": {
"description": "Reason for not allowing upload.",
"readonly": true,
"required": false,
"type": "string"
},
"upload_allowed": {
"description": "Flag indication whether upload is allowed or not.",
"readonly": true,
"required": true,
"title": "Bundle upload allowed flag",
"type": "boolean"
}
},
"title": "Permissions for bundle upload",
"type": "object"
}
BundleUploadStatus (type)
{
"additionalProperties": false,
"description": "Upload status of bundle uploaded from local or remote location.",
"id": "BundleUploadStatus",
"module_id": "FileUploadFramework",
"properties": {
"bundle_name": {
"description": "Name of the uploaded bundle.",
"readonly": true,
"required": false,
"title": "Name of the bundle",
"type": "string"
},
"detailed_status": {
"description": "Detailed status of bundle upload.",
"readonly": true,
"required": false,
"title": "Detailed status of bundle upload",
"type": "string"
},
"percent": {
"description": "Percent of bundle uploaded from remote location.",
"readonly": true,
"required": false,
"title": "Percent of upload completed",
"type": "number"
},
"status": {
"description": "Current status of bundle upload.",
"enum": [
"UPLOADING",
"VERIFYING",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "Status of bundle upload",
"type": "string"
},
"url": {
"description": "URL for uploading bundle.",
"readonly": true,
"required": false,
"title": "URL from which the bundle was uploaded",
"type": "string"
}
},
"title": "Upload status of bundle",
"type": "object"
}
ByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Represents an instance of partner's service whose wiring will be done by partner itself. As partner does all the wiring, we call it as Byod - Bring your own device.",
"extends": {
"$ref": "BasePolicyServiceInstance"
},
"id": "ByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"policy_hierarchical_children": [
"ChildServiceInstanceEndpoint"
],
"polymorphic-type-descriptor": {
"type-identifier": "ByodPolicyServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents instance of self wiring partner's service",
"type": "object"
}
ByodPolicyServiceInstanceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ByodPolicyServiceInstanceListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ByodPolicyServiceInstance"
},
"required": true,
"title": "Byod Service instance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of only Byod SI objects",
"type": "object"
}
ByodServiceInstance (type)
{
"description": "ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.",
"extends": {
"$ref": "BaseServiceInstance"
},
"id": "ByodServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "ByodServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": true,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType",
"required": true
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Custom Instance of a service",
"type": "object"
}
CACertificateData (type)
{
"additionalProperties": false,
"id": "CACertificateData",
"module_id": "InventoryCmObj",
"properties": {
"issued_by": {
"description": "CommonName of issuer of CA certificate.",
"readonly": false,
"required": false,
"title": "Issuer of certificate",
"type": "string"
},
"issued_to": {
"description": "CommonName of owner of CA certificate.",
"readonly": false,
"required": false,
"title": "Subject name of certificate",
"type": "string"
},
"not_after": {
"$ref": "EpochMsTimestamp",
"description": "The time in epoch milliseconds at which the certificate becomes invalid.",
"readonly": false,
"required": false,
"title": "Certificate expiry time"
},
"type": {
"description": "Type of certificate, currently it's CA certificate.",
"enum": [
"CA_CERTIFICATE"
],
"readonly": false,
"required": false,
"title": "Type of certificate",
"type": "string"
}
},
"type": "object"
}
CCPUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus"
},
"id": "CCPUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList",
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus",
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of CCP upgrade",
"type": "object"
}
CCSnmpV3User (type)
{
"additionalProperties": false,
"description": "This object contains properties for a SNMP V3 user that can be used to receive SNMP traps/notifications from NSX and/or poll NSX nodes over SNMP.",
"id": "CCSnmpV3User",
"module_id": "CentralConfig",
"properties": {
"access": {
"default": "READ_ONLY",
"description": "Access permissions for polling NSX nodes over SNMP V3.",
"enum": [
"READ_ONLY"
],
"title": "Type of access",
"type": "string"
},
"auth_password": {
"description": "Authentication password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for authentication password.",
"required": false,
"sensitive": true,
"title": "Authentication password",
"type": "secure_string"
},
"priv_password": {
"description": "Privacy password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for privacy password.",
"required": false,
"sensitive": true,
"title": "Privacy password",
"type": "secure_string"
},
"security_level": {
"default": "AUTH_PRIV",
"description": "Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value \"AUTH_PRIV\" indicates both authentication and privacy protocols will be used for SNMP communication.",
"enum": [
"AUTH_PRIV"
],
"title": "Security level",
"type": "string"
},
"user_id": {
"description": "Unique SNMP V3 user id.",
"maxLength": 32,
"minLength": 1,
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "SNMP V3 user",
"type": "object"
}
CNSGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing Cloud Native service external ID and enforcement point path",
"extends": {
"$ref": "RealizationListRequestParameters"
},
"id": "CNSGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cns_external_id": {
"required": true,
"title": "Cloud Native Service external ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing Cloud Native Service external ID and enforcement point path",
"type": "object"
}
CPUReservation (type)
{
"description": "Relative to the form factor pre-defined reservation value. We recommended that you use the predefined measures of CPU reservation shares to reduce the CPU reservation of a VM. Reservation shares are relative to the default form-factor value. Though absolute values for CPU reservation is supported, we advise to use this option with caution as incorrect or high reservation values could lead to deployment failure or lead to resource starvation for other VMs running on the same host.",
"id": "CPUReservation",
"module_id": "FabricNode",
"properties": {
"reservation_in_mhz": {
"description": "The CPU reservation in MHz is the guaranteed minimum amount of clock cycles that the vmkernel CPU scheduler will give the Edge VM in case of contention. If an Edge VM is not using its reserved resources, then other machines can use them thus preventing waste of CPU cycles on the physical host. Note: We recommend use of reservation_in_shares instead of this absolute configuration. When you specify this value, set reservation_in_shares to LOW_PRIORITY.",
"required": false,
"title": "CPU reservation in MHz.",
"type": "int"
},
"reservation_in_shares": {
"default": "HIGH_PRIORITY",
"description": "Shares specify the relative importance of a virtual machine on a given host. When you assign shares to a virtual machine, you always specify the priority for that virtual machine relative to other powered-on virtual machines on the same host. The default priority for shares is HIGH_PRIORITY.",
"enum": [
"EXTRA_HIGH_PRIORITY",
"HIGH_PRIORITY",
"NORMAL_PRIORITY",
"LOW_PRIORITY"
],
"required": false,
"title": "CPU reservation in shares.",
"type": "string"
}
},
"type": "object"
}
CaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CaBundle",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificates": {
"description": "X509Certificates in the bundle",
"items": {
"$ref": "X509Certificate"
},
"readonly": true,
"required": false,
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"earliest_not_after": {
"$ref": "EpochMsTimestamp",
"description": "The earliest time in epoch milliseconds at which a certificate becomes invalid.",
"readonly": true,
"required": false
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"not_after_list": {
"description": "Times for each certificate in the bundle at which the certificate becomes invalid.",
"items": {
"$ref": "EpochMsTimestamp"
},
"readonly": true,
"required": false,
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM-encoded CA bundle certificates.",
"readonly": false,
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CA certificates bundle",
"type": "object"
}
CaBundleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CaBundleListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CA bundles list.",
"items": {
"$ref": "CaBundle"
},
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CA Bundle query result",
"type": "object"
}
CallbackAuthenticationScheme (type)
{
"description": "CallbackAuthenticationScheme describes how notification requests should authenticate to the server.",
"id": "CallbackAuthenticationScheme",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"certificate_id": {
"description": "Certificate ID with a valid certificate and private key, procured from trust-management API.",
"readonly": false,
"title": "Valid certificate ID",
"type": "string"
},
"password": {
"description": "Password to use if scheme_name is BASIC_AUTH.",
"readonly": false,
"sensitive": true,
"title": "Password for authentication",
"type": "secure_string"
},
"scheme_name": {
"description": "Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE.",
"enum": [
"BASIC_AUTH",
"CERTIFICATE"
],
"readonly": false,
"required": true,
"title": "Authentication scheme to use when making notification requests",
"type": "string"
},
"username": {
"description": "Username to use if scheme_name is BASIC_AUTH.",
"readonly": false,
"title": "Username for authentication",
"type": "string"
}
},
"type": "object"
}
CapacityDashboardUsage (type)
{
"id": "CapacityDashboardUsage",
"module_id": "CapacityDashboard",
"properties": {
"current_usage_count": {
"description": "Indicate the current usage count of object type.",
"required": true,
"title": "Current usage count of object type",
"type": "integer"
},
"current_usage_percentage": {
"description": "Current usage percentage for object type",
"required": true,
"title": "Current usage percentage",
"type": "number"
},
"display_name": {
"description": "Display name for NSX object type.",
"required": true,
"title": "User friendly name for object type",
"type": "string"
},
"max_supported_count": {
"description": "This is the maximum supported count for object type in consideration.",
"required": true,
"title": "Maximum supported count for object type",
"type": "integer"
},
"max_threshold_percentage": {
"description": "This indicates the maximum threshold percentage for object type.",
"required": true,
"title": "Max threshold percentage for object type",
"type": "number"
},
"min_threshold_percentage": {
"description": "This indicates the minimum threshold percentage for object type.",
"required": true,
"title": "Min threshold percentage for object type",
"type": "number"
},
"severity": {
"description": "Severity calculated from percentage usage",
"enum": [
"INFO",
"WARNING",
"CRITICAL",
"ERROR"
],
"required": true,
"title": "Severity calculated from percentage usage",
"type": "string"
},
"usage_type": {
"description": "Indicate the object type for which usage is calculated.",
"required": true,
"title": "Object type for which usage is fetched",
"type": "string"
}
},
"type": "object"
}
CapacityThreshold (type)
{
"id": "CapacityThreshold",
"module_id": "CapacityDashboard",
"properties": {
"max_threshold_percentage": {
"description": "Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical.",
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Maximum threshold percentage",
"type": "number"
},
"min_threshold_percentage": {
"description": "Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning.",
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Minimum threshold percentage",
"type": "number"
},
"threshold_type": {
"description": "Indicate the object type for which threshold is to be set.",
"required": true,
"title": "Object type for which threshold is to be set",
"type": "string"
}
},
"type": "object"
}
CapacityThresholdList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "CapacityThresholdList",
"module_id": "CapacityDashboard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"capacity_thresholds": {
"items": {
"$ref": "CapacityThreshold"
},
"required": true,
"title": "List of capacity thresholds for NSX Objects",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CapacityUsage (type)
{
"description": "usage of each capacity type ex. vm, cpu",
"extends": {
"$ref": "Resource"
},
"id": "CapacityUsage",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"capacity_type": {
"readonly": true,
"title": "type of the capacity field",
"type": "string"
},
"usage_count": {
"readonly": true,
"title": "count of number of items of capacity_type",
"type": "integer"
}
},
"type": "object"
}
CapacityUsageMetaInfo (type)
{
"additionalProperties": false,
"id": "CapacityUsageMetaInfo",
"module_id": "CapacityDashboard",
"properties": {
"last_updated_timestamp": {
"$ref": "EpochMsTimestamp",
"required": true,
"title": "Timestamp at which capacity usage was last calculated"
},
"max_global_threshold_percentage": {
"description": "Indicates the maximum global threshold percentage",
"required": true,
"title": "Maximum global threshold percentage",
"type": "number"
},
"min_global_threshold_percentage": {
"description": "Indicates the minimum global threshold percentage",
"required": true,
"title": "Minimum global threshold percentage",
"type": "number"
}
},
"type": "object"
}
CapacityUsageRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "CapacityUsageRequestParameters",
"module_id": "CapacityDashboard",
"properties": {
"category": {
"description": "Category of attributes for which capacity details need to be fetched. Supported categories are security, inventory, networking and system. User can provide comma separated list of multiple categories.",
"required": false,
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"force": {
"default": false,
"description": "Parameter to force inline calculation instead of retrieving cached results.",
"required": false,
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Parameter to force inline calculation.",
"type": "object"
}
CapacityUsageResponse (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "CapacityUsageResponse",
"module_id": "CapacityDashboard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"capacity_usage": {
"items": {
"$ref": "CapacityDashboardUsage"
},
"required": true,
"title": "List of capacity usage for NSX Objects",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"meta_info": {
"extends": {
"$ref": "CapacityUsageMetaInfo"
},
"required": true,
"title": "Meta data for capacity usage statistics",
"type": "object"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unreported_usage_types": {
"description": "Types for which usage data was not reported",
"items": {
"type": "string"
},
"required": false,
"title": "Unreported usage types",
"type": "array"
}
},
"type": "object"
}
CbmClusterNode (type)
{
"additionalProperties": false,
"description": "This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.",
"extends": {
"$ref": "ManagedResource"
},
"id": "CbmClusterNode",
"module_id": "ClusterBootManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entities": {
"description": "Entities on the node.",
"items": {
"$ref": "CbmClusterNodeEntity"
},
"required": true,
"title": "Entities on the node",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_uuid": {
"description": "UUID of the node.",
"required": true,
"title": "UUID of the node",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"default": "REMOVED",
"description": "Current clustering status of the node.",
"enum": [
"JOINING",
"JOINED",
"REMOVING",
"REMOVED"
],
"title": "Current clustering status of the node",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Cluster Node Properties",
"type": "object"
}
CbmClusterNodeEntity (type)
{
"additionalProperties": false,
"description": "NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.",
"id": "CbmClusterNodeEntity",
"module_id": "ClusterBootManager",
"properties": {
"certificate": {
"description": "Public certificate of the entity in PEM format.",
"required": true,
"title": "Public certificate in PEM format",
"type": "string"
},
"entity_type": {
"$ref": "EntityType",
"description": "Type of the entity.",
"required": true,
"title": "Type of the entity"
},
"entity_uuid": {
"description": "UUID of the entity.",
"required": true,
"title": "UUID of the entity",
"type": "string"
},
"fqdn": {
"description": "Domain name the entity binds to.",
"format": "hostname",
"required": false,
"title": "Domain name",
"type": "string"
},
"ip_address": {
"description": "IP address the entity binds to.",
"required": false,
"title": "IP address of entity",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address the entity binds to.",
"required": false,
"title": "IPv6 address of entity",
"type": "string"
},
"ipv6_subnet_prefix_length": {
"description": "IPv6 subnet mask prefix length of the entity binds to.",
"maximum": 128,
"minimum": 0,
"required": false,
"title": "IPv6 subnet mask prefix length",
"type": "integer"
},
"port": {
"description": "Port the entity binds to.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port number",
"type": "integer"
},
"subnet_prefix_length": {
"description": "IPv4 subnet mask prefix length of the entity binds to.",
"maximum": 32,
"minimum": 0,
"required": false,
"title": "IPv4 subnet mask prefix length",
"type": "integer"
}
},
"title": "Cluster Node Entity Properties",
"type": "object"
}
CdpStatusType (type) (Deprecated)
{
"deprecated": true,
"deprecation_advice": "Do not use. This is currently unused functionality that will be removed.",
"enum": [
"NOT_READY",
"FETCHING",
"READY",
"ERROR"
],
"id": "CdpStatusType",
"module_id": "CertificateManager",
"title": "Status types supported of the CrlDistributionPoint",
"type": "string"
}
CentralConfigProperties (type)
{
"id": "CentralConfigProperties",
"properties": {
"local_override": {
"required": true,
"title": "Override Central Config",
"type": "boolean"
}
},
"title": "Central Config properties",
"type": "object"
}
CentralNodeConfigProfile (type)
{
"additionalProperties": false,
"description": "Central Node Config profile for NSX nodes. This set of properties will be pushed to NSX Manager and Edge nodes. SNMP properties will be pushed to KVM Hypervisors in addition to Manager and Edge nodes.",
"extends": {
"$ref": "ManagedResource"
},
"id": "CentralNodeConfigProfile",
"module_id": "CentralConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ntp": {
"$ref": "NtpProperties",
"description": "NTP service properties for NSX nodes. Ntp is null by default. If the ntp property is not specified or is set to null, the ntp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing ntp setting on each node will remain as is.",
"required": false,
"title": "NTP service properties"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snmp": {
"$ref": "SnmpProperties",
"description": "SNMP service properties for NSX nodes. Snmp is null by default. If the snmp property is not specified or is set to null, the snmp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing snmp setting on each node will remain as is.",
"required": false,
"title": "SNMP service properties"
},
"syslog": {
"$ref": "SyslogProperties",
"description": "Syslog service properties for NSX nodes. Syslog is null by default. If the syslog property is not specified or is set to null, the syslog property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing syslog setting on each node will remain as is.",
"required": false,
"title": "Syslog service properties"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timezone": {
"description": "Timezone to be set for NSX nodes. Only timezone strings listed in the Time Zone database (https://www.iana.org/time-zones) are allowed. Timezone is null by default. If the timezone property is not specified or is set to null, the timezone property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing timezone setting on each node will remain as is.",
"required": false,
"title": "Timezone",
"type": "string"
}
},
"title": "Central Node Config Profile",
"type": "object"
}
CentralNodeConfigProfileGetRequestParams (type)
{
"additionalProperties": false,
"description": "This object includes GET request parameter to indicate whether sensitive data should be returned for a central Central Node Config profile.",
"id": "CentralNodeConfigProfileGetRequestParams",
"module_id": "CentralConfig",
"properties": {
"show_sensitive_data": {
"default": false,
"description": "If set to true, Central Node Config profile includes sensitive data properties like SNMP community strings if any applicable. Note that passwords are never returned. Default set to false.",
"required": false,
"title": "Show sensitive data in Central Node Config profile",
"type": "boolean"
}
},
"title": "GET request parameters for Central Node Config profile",
"type": "object"
}
CentralNodeConfigProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Central Node Config profiles.",
"extends": {
"$ref": "ListResult"
},
"id": "CentralNodeConfigProfileListResult",
"module_id": "CentralConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CentralNodeConfigProfile"
},
"required": true,
"title": "Central Node Config profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Central Node Config profiles",
"type": "object"
}
Certificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "Certificate",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "Different categories of certificates to distinguish stored certificates. 'APPLIANCE_CERTIFICATE' are certs used by this cluster. 'PRINCIPAL_IDENTITY_CERTIFICATE' used by LM and GM for mutual auth. 'SITE_CERTIFICATE' are certificate of different sites. 'UNUSED_CERTIFICATE' are certs which are not applied yet. 'POLICY_CERTIFICATE' used for external services. 'CM_INVENTORY' is the root CA certificate of the Computer Manager. 'OTHER_CERTIFICATE' is category for any certificate which is not identified.",
"enum": [
"OTHER_CERTIFICATE",
"APPLIANCE_CERTIFICATE",
"PRINCIPAL_IDENTITY_CERTIFICATE",
"SITE_CERTIFICATE",
"UNUSED_CERTIFICATE",
"POLICY_CERTIFICATE",
"CM_INVENTORY"
],
"readonly": true,
"required": false,
"title": "Category",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"description": "List of X509Certificates.",
"items": {
"$ref": "X509Certificate"
},
"readonly": true,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_private_key": {
"default": false,
"description": "Whether we have the private key for this certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"leaf_certificate_sha_256_thumbprint": {
"description": "Unique SHA-256 thumbprint of the leaf node certificate.",
"readonly": true,
"required": false,
"title": "Certificate thumbprint",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"used_by": {
"description": "List of node IDs with services, that are using this certificate.",
"items": {
"$ref": "NodeIdServicesMap"
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
CertificateBinding (type)
{
"description": "Details on applied certificate.",
"id": "CertificateBinding",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"certificate_id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Certificate Id",
"type": "string"
},
"node_id": {
"description": "Node Id to which this certificate is applied to.",
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType",
"description": "Service Type of the CertificateProfile to which the certificate is applied to.",
"readonly": false,
"required": true,
"title": "Service Type"
}
},
"title": "Certificate binding",
"type": "object"
}
CertificateCheckingStatus (type)
{
"additionalProperties": false,
"id": "CertificateCheckingStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when checking the certificate.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CertificateCheckingStatusType",
"description": "Status of the checked certificate.",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Result of checking a certificate",
"type": "object"
}
CertificateCheckingStatusType (type)
{
"enum": [
"OK",
"CRL_NOT_READY",
"REJECTED",
"ERROR"
],
"id": "CertificateCheckingStatusType",
"module_id": "CertificateManager",
"title": "Status types returned when checking a certificate",
"type": "string"
}
CertificateClass (type)
{
"enum": [
"REST",
"RPC",
"CBM",
"FEDERATION"
],
"id": "CertificateClass",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"title": "Certificate Class",
"type": "string"
}
CertificateData (type)
{
"additionalProperties": false,
"id": "CertificateData",
"module_id": "InventoryCmObj",
"properties": {
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"title": "PEM encoded certificate data",
"type": "string"
},
"private_key": {
"description": "Private key of certificate.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Private key of certificate",
"type": "secure_string"
}
},
"type": "object"
}
CertificateId (type)
{
"additionalProperties": false,
"id": "CertificateId",
"properties": {
"certificate_id": {
"readonly": true,
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"type": "object"
}
CertificateJWTTokenResult (type)
{
"description": "JWT token generated that contains new certificate signed with old certificate private key when certificate changes.",
"id": "CertificateJWTTokenResult",
"module_id": "CertificateManager",
"properties": {
"jwt_token": {
"description": "JWT token generated that contains new certificate.",
"title": "JWT token for new certificate",
"type": "string"
}
},
"title": "JWT token with new certificate",
"type": "object"
}
CertificateKeyPair (type)
{
"additionalProperties": false,
"id": "CertificateKeyPair",
"properties": {
"certificate": {
"$ref": "SecurityCertificate",
"display": {
"order": 1
},
"readonly": false,
"required": true
},
"rsa_private_key": {
"description": "The private key must include the enclosing \"-----BEGIN RSA PRIVATE KEY-----\" and \"-----END RSA PRIVATE KEY-----\". An empty string is returned in read responses.",
"display": {
"order": 2
},
"minLength": 60,
"readonly": false,
"required": true,
"sensitive": true,
"title": "PEM encoded RSA private key",
"type": "string"
}
},
"type": "object"
}
CertificateList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CertificateList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Certificate list.",
"items": {
"$ref": "Certificate"
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Certificate queries result",
"type": "object"
}
CertificateOperationStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CertificateBinding"
},
"id": "CertificateOperationStatus",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"affected_services": {
"description": "A comma-separated list of services that may be affected or interrupted when this certificate operation occurs.",
"readonly": true,
"required": false,
"title": "Affected services",
"type": "string"
},
"certificate_id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Certificate Id",
"type": "string"
},
"certificate_name": {
"description": "Required field presenting new certificate name in certificate replacement operation, or the certificate to be deleted.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": true,
"title": "Name of the new certificate.",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"description": "The end time of this certificate operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "End time"
},
"estimated_duration": {
"description": "Estimated time duration in seconds for this certificate operation.",
"readonly": true,
"required": false,
"title": "Estimated duration",
"type": "integer"
},
"id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": true,
"title": "Unique ID of the operation.",
"type": "string"
},
"message": {
"description": "Localized text explaining the details of the error or deprecation warning and remedial steps to be taken.",
"readonly": true,
"required": false,
"title": "Message",
"type": "string"
},
"node_id": {
"description": "Node Id to which this certificate is applied to.",
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"old_certificate_id": {
"description": "Optional field presenting old certificate id in certificate replacement operation.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": false,
"title": "Id of the old certificate",
"type": "string"
},
"old_certificate_name": {
"description": "Optional field presenting old certificate name in certificate replacement operation.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": false,
"title": "Name of the old certificate",
"type": "string"
},
"operation_type": {
"description": "Type of operation used for the batch.",
"enum": [
"REPLACE",
"DELETE"
],
"readonly": true,
"required": true,
"title": "Operation Type",
"type": "string"
},
"service_type": {
"$ref": "ServiceType",
"description": "Service Type of the CertificateProfile to which the certificate is applied to.",
"readonly": false,
"required": true,
"title": "Service Type"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"description": "The start time of this certificate operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "Start time"
},
"status": {
"description": "Status of this certificate operation",
"enum": [
"OK",
"ERROR",
"PENDING",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Status",
"type": "string"
}
},
"title": "Status of a certificate operation",
"type": "object"
}
CertificateProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "CertificateProfile",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"abort_on_error": {
"description": "If this field is true, the certificate batch operation would be aborted if an error occurs during the replacement operation for this certificate profile.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Abort when there's an error",
"type": "boolean"
},
"affected_services": {
"description": "A comma-separated list of service names that may be affected/interrupted when replacing the certificate for this service-type.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Affected Services",
"type": "string"
},
"certificate_class": {
"$ref": "CertificateClass",
"description": "Service-types that are in a 'class'' cannot be share a certificate with a service in another 'class'.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Category"
},
"cluster_certificate": {
"description": "True if this is for a cluster certificate",
"readonly": true,
"required": true,
"title": "Cluster Certificate",
"type": "boolean"
},
"deprecated_in_version": {
"description": "Version in which this certificate profile was deprecated.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Deprecated in version",
"type": "string"
},
"description": {
"description": "A longer description what the service-type is used for.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Description",
"type": "string"
},
"extended_key_usage": {
"description": "Indicating whether this certificate is used for server-auth, client-auth or both.",
"items": {
"$ref": "CertificateUsageType"
},
"readonly": true,
"required": true,
"title": "Extended Key Usage",
"type": "array"
},
"node_type": {
"description": "List of types of node this certificate applies to.",
"items": {
"$ref": "NodeType"
},
"readonly": true,
"required": true,
"title": "Node Type",
"type": "array"
},
"processing_order": {
"description": "The order in which service-type certificates are replaced in a batch-replace.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Processing Order",
"type": "integer"
},
"profile_name": {
"readonly": true,
"required": true,
"title": "Certificate Profile Name",
"type": "string"
},
"replacement_duration": {
"description": "The estimated amount of time it takes to replace the certificate for this service-type, in seconds.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Processing Duration",
"type": "integer"
},
"requires_private_key": {
"description": "True if this certificate needs a private key.",
"readonly": true,
"required": true,
"title": "Requires Private Key",
"type": "boolean"
},
"service_type": {
"$ref": "ServiceType",
"description": "A short and unique name for the type of service this certificate is used for.",
"readonly": true,
"required": true,
"title": "Unique Service Type"
},
"summary": {
"description": "A short phrase what this service-type is for.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Summary",
"type": "string"
},
"unique_use": {
"description": "True if the certificate used for this service-type cannot be used anywhere else.",
"readonly": true,
"required": true,
"title": "Unique Use",
"type": "boolean"
}
},
"type": "object"
}
CertificateProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CertificateProfileListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CertificateProfile list.",
"items": {
"$ref": "CertificateProfile"
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CertificateProfile query result",
"type": "object"
}
CertificateRenewalParameters (type)
{
"additionalProperties": false,
"id": "CertificateRenewalParameters",
"module_id": "CertificateManager",
"properties": {
"force": {
"default": false,
"description": "If true, perform certificate renewal even if blocked.",
"title": "Force renewal of certificates\n",
"type": "boolean"
}
},
"title": "Parameters that affect how certificate renewals are processed",
"type": "object"
}
CertificateReplacementConfig (type)
{
"id": "CertificateReplacementConfig",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"new_certificate_id": {
"description": "Id of the certificate which will replace the old certificate. This is optional field. If not specified, and if the old certificate is a self-signed certificate, a fresh self-signed will be generated with identical attributes as the old certificate.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": false,
"title": "Id of the new certificate",
"type": "string"
},
"old_certificate_id": {
"description": "Id of the currently used certificate which needs to be replaced.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Id of the old certificate",
"type": "string"
}
},
"title": "Configuration for a certificate replacement operation",
"type": "object"
}
CertificateUsageType (type)
{
"enum": [
"SERVER",
"CLIENT"
],
"id": "CertificateUsageType",
"module_id": "CertificateManager",
"title": "Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER",
"type": "string"
}
CertificatesBatchOperationResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CertificatesBatchOperationResult",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"description": "The end time of this certificate batch operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "End time"
},
"pending_estimated_duration": {
"description": "Sum of estimated duration of pending certificate operations.",
"readonly": true,
"required": false,
"title": "Pending estimated duration",
"type": "integer"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of certificate operation statuses.",
"items": {
"$ref": "CertificateOperationStatus"
},
"readonly": true,
"required": true,
"title": "Batch results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"description": "The start time of this certificate batch operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "Start time"
},
"total_estimated_duration": {
"description": "Sum of estimated duration of all certificate operations.",
"readonly": true,
"required": false,
"title": "Total estimated duration",
"type": "integer"
}
},
"title": "Result of certificates batch operation",
"type": "object"
}
CertificatesBatchReplacementParameters (type)
{
"additionalProperties": false,
"id": "CertificatesBatchReplacementParameters",
"module_id": "CertificateManager",
"properties": {
"force": {
"default": false,
"description": "If true, perform the certificate batch replacement even if blocked.",
"title": "Force batch replacement\n",
"type": "boolean"
}
},
"title": "Parameters that affect how certificate batch operations are processed",
"type": "object"
}
CertificatesBatchReplacementRequest (type)
{
"additionalProperties": false,
"id": "CertificatesBatchReplacementRequest",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"certificate_replacements": {
"description": "List of certificate replacement operation configurations.",
"items": {
"$ref": "CertificateReplacementConfig"
},
"readonly": false,
"required": true,
"type": "array"
}
},
"title": "Request for batch replacement of certificates",
"type": "object"
}
CheckpointCounter (type)
{
"id": "CheckpointCounter",
"module_id": "LiveTrace",
"properties": {
"checkpoint_type": {
"description": "Type of Livetrace checkpoint. UNKNOWN - Unknown checkpoint. PORT_INPUT - Received by a port on slowpath. The first slowpath checkpoint is encountered when the packet enters a certain port. For a certain port, a series of subsequent checkpoints is usually encountered after the packet traverses through PORT_INPUT. PORT_OUTPUT - Forwarded to a port on slowpath. The last slowpath checkpoint is encountered when the packet left a certain port. For a certain port, a series of checkpoints is usually encountered before the packet traverses through PORT_OUTPUT. SPOOFGUARD_INPUT - Received by slowpath Spoofguard service. This checkpoint should be encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. SPOOFGUARD_OUTPUT - Forwarded from slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. SPOOFUGARD_DROP - Dropped by slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. DFW_INPUT - Received by slowpath DFW service. This checkpoint should be encountered encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. This checkpoint should after SPOOFGUARD related checkpoints, if they exist. DFW_OUTPUT - Forwarded from slowpath DFW service. This checkpoint should be encountered after DFW_INPUT. DFW_DROP - Dropped by slowpath DFW service.This checkpoint should be encountered after DFW_INPUT. UPLINK_INPUT - Ingressed via an uplink port on slowpath. The first slowpath checkpoint is encountered when the packet ingress from external network via an uplink. UPLINK_OUTPUT - Egressed via an uplink port on slowpath. The last slowpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_PORT_INPUT - Received by a port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet enters a certain port. ENS_PORT_OUTPUT - Forwarded to a port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet left a certain port. ENS_UPLINK_INPUT - Ingressed via an uplink port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet ingress from external network via an uplink. ENS_UPLINK_OUTPUT - Egressed via an uplink port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_DFW_INPUT - Received by ENS fastpath DFW service. This checkpoint should be encountered after ENS_PORT_INPUT. ENS_DFW_OUTPUT - Forwarded from ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ENS_DFW_DROP - Dropped by ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ROUTER_DROP - Dropped by slowpath router service. This checkpoint should be encountered after PORT_INPUT.",
"enum": [
"UNKNOWN",
"PORT_INPUT",
"PORT_OUTPUT",
"SPOOFGUARD_INPUT",
"SPOOFGUARD_OUTPUT",
"SPOOFGUARD_DROP",
"DFW_INPUT",
"DFW_OUTPUT",
"DFW_DROP",
"UPLINK_INPUT",
"UPLINK_OUTPUT",
"ENS_PORT_INPUT",
"ENS_PORT_OUTPUT",
"ENS_UPLINK_INPUT",
"ENS_UPLINK_OUTPUT",
"ENS_DFW_INPUT",
"ENS_DFW_OUTPUT",
"ENS_DFW_DROP",
"ROUTER_DROP"
],
"readonly": true,
"required": true,
"title": "Type of checkpoint",
"type": "string"
},
"count": {
"description": "The number of packets traversed by this checkpoint. The packet connectivity issue can be discovered by comparing the count value of different checkpoints.",
"readonly": true,
"required": true,
"title": "Packet count",
"type": "integer"
}
},
"type": "object"
}
CheckpointCounterResult (type)
{
"description": "The packets that only have the count action (other permutations such as trace + pktcap or count + trace/pktcap cannot) can traverse through the ENS fastpath. Therefore, two checkpoint results from ENS fastpath and slowpath are listed below.",
"id": "CheckpointCounterResult",
"module_id": "LiveTrace",
"properties": {
"ens_checkpoints_result": {
"description": "The counter result from ENS checkpoints",
"items": {
"$ref": "CheckpointCounter"
},
"readonly": true,
"required": false,
"title": "Counter result from ENS checkpoints",
"type": "array"
},
"non_ens_checkpoints_result": {
"description": "The counter result from non ENS checkpoints",
"items": {
"$ref": "CheckpointCounter"
},
"readonly": true,
"required": false,
"title": "Counter result from non ENS checkpoints",
"type": "array"
}
},
"title": "Checkpoint counter result",
"type": "object"
}
ChildAntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for AntreaTraceflowConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildAntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildAntreaTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "AntreaTraceflowConfig",
"description": "Contains the actual AntreaTraceflowConfig object.",
"required": true,
"title": "AntreaTraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for AnteaTraceflowConfig",
"type": "object"
}
ChildBfdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for BfdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildBfdProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBfdProfile"
},
"properties": {
"BfdProfile": {
"$ref": "BfdProfile",
"description": "Contains the actual BfdProfile object.",
"required": true,
"title": "Bfd Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BfdProfile",
"type": "object"
}
ChildBgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpNeighborConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildBgpNeighborConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpNeighborConfig"
},
"properties": {
"BgpNeighborConfig": {
"$ref": "BgpNeighborConfig",
"description": "Contains the actual BgpNeighborConfig object.",
"required": true,
"title": "BgpNeighborConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpNeighborConfig",
"type": "object"
}
ChildBgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpRoutingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildBgpRoutingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpRoutingConfig"
},
"properties": {
"BgpRoutingConfig": {
"$ref": "BgpRoutingConfig",
"description": "Contains the actual BgpRoutingConfig object.",
"required": true,
"title": "BgpRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpRoutingConfig",
"type": "object"
}
ChildBridgeFirewallPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BridgeFirewallPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildBridgeFirewallPolicy",
"module_id": "PolicyBridgeFirewall",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBridgeFirewallPolicy"
},
"properties": {
"BridgeFirewallPolicy": {
"$ref": "BridgeFirewallPolicy",
"description": "Contains the BridgeFirewallPolicy object",
"required": true,
"title": "BridgeFirewallPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BridgeFirewallPolicy",
"type": "object"
}
ChildByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildByodPolicyServiceInstance"
},
"properties": {
"ByodPolicyServiceInstance": {
"$ref": "ByodPolicyServiceInstance",
"description": "Contains actual ByodPolicyServiceInstance.",
"required": true,
"title": "ByodPolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ByodPolicyServiceInstance",
"type": "object"
}
ChildCaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildCaBundle",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCaBundle"
},
"properties": {
"CaBundle": {
"$ref": "CaBundle",
"description": "Contains the actual CaBundle object.",
"required": true,
"title": "CaBundle"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper for CA certificates bundle, used in hierarchical API.",
"type": "object"
}
ChildCommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildCommunicationEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationEntry"
},
"properties": {
"CommunicationEntry": {
"$ref": "CommunicationEntry",
"description": "Contains the actual CommunicationEntry object.",
"required": true,
"title": "CommunicationEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationEntry",
"type": "object"
}
ChildCommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildCommunicationMap",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationMap"
},
"properties": {
"CommunicationMap": {
"$ref": "CommunicationMap",
"description": "Contains the actual CommunicationMap object.",
"required": true,
"title": "CommunicationMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationMap",
"type": "object"
}
ChildCommunityList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for CommunityList, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildCommunityList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunityList"
},
"properties": {
"CommunityList": {
"$ref": "CommunityList",
"description": "Contains the actual CommunityList object",
"required": true,
"title": "CommunityList"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunityList",
"type": "object"
}
ChildComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildComputeClusterIdfwConfiguration"
},
"properties": {
"ComputeClusterIdfwConfiguration": {
"$ref": "ComputeClusterIdfwConfiguration",
"description": "Contains the actual compute cluster idfw configuration object.",
"required": true,
"title": "ComputeClusterIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ComputeClusterIdfwConfiguration",
"type": "object"
}
ChildConstraint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Constraint, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildConstraint",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "ChildConstraint"
},
"properties": {
"Constraint": {
"$ref": "Constraint",
"description": "Contains the actual Constraint object",
"required": true,
"title": "Constraint"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Constraint",
"type": "object"
}
ChildConstraintGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ConstraintGlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildConstraintGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "ConstraintGlobalConfig",
"description": "Settings to Constraint global configs in NSX/NSX+ application platform.",
"required": true,
"title": "ConstraintGlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ConstraintGlobalConfig",
"type": "object"
}
ChildDeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for DeploymentZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDeploymentZone"
},
"properties": {
"DeploymentZone": {
"$ref": "DeploymentZone",
"description": "Contains the actual DeploymentZone object",
"required": true,
"title": "DeploymentZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DeploymentZone",
"type": "object"
}
ChildDfwFirewallConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDfwFirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDfwFirewallConfiguration"
},
"properties": {
"DfwFirewallConfiguration": {
"$ref": "DfwFirewallConfiguration",
"description": "Contains the actual dfw firewall configuration list object.",
"required": true,
"title": "Dfw Firewall Configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FirewallConfiguration",
"type": "object"
}
ChildDhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpRelayConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDhcpRelayConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpRelayConfig"
},
"properties": {
"DhcpRelayConfig": {
"$ref": "DhcpRelayConfig",
"description": "Contains the actual DhcpRelayConfig object",
"required": true,
"title": "DhcpRelayConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpRelayConfig",
"type": "object"
}
ChildDhcpServerConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpServerConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDhcpServerConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpServerConfig"
},
"properties": {
"DhcpServerConfig": {
"$ref": "DhcpServerConfig",
"description": "Contains the actual DhcpServerConfig object",
"required": true,
"title": "DhcpServerConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpServerConfig",
"type": "object"
}
ChildDhcpStaticBindingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for DhcpStaticBindingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpStaticBindingConfig"
},
"properties": {
"DhcpStaticBindingConfig": {
"$ref": "DhcpStaticBindingConfig",
"description": "Contains the actual DhcpStaticBindingConfig object.",
"required": true,
"title": "DhcpStaticBindingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpStaticBindingConfig",
"type": "object"
}
ChildDistributedVlanConnection (type)
{
"additionalProperties": false,
"description": "Child wrapper object for distributed vlan connection, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDistributedVlanConnection",
"module_id": "PolicyGatewayConnection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDistributedVlanConnection"
},
"properties": {
"DistributedVlanConnection": {
"$ref": "DistributedVlanConnection",
"description": "Contains the actual distributed vlan connection object.",
"required": true,
"title": "Policy distributed vlan connection"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for distributed vlan connection",
"type": "object"
}
ChildDnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DnsSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"DnsSecurityProfile": {
"$ref": "DnsSecurityProfile",
"description": "Contains the actual DnsSecurityProfile object",
"required": true,
"title": "DnsSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfile",
"type": "object"
}
ChildDnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"DnsSecurityProfileBindingMap": {
"$ref": "DnsSecurityProfileBindingMap",
"description": "Contains the actual DnsSecurityProfileBindingMap object",
"required": true,
"title": "DnsSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfileBindingMap",
"type": "object"
}
ChildDomain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for domain, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDomain",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomain"
},
"properties": {
"Domain": {
"$ref": "Domain",
"description": "Contains the actual domain object.",
"required": true,
"title": "Domain"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Domain",
"type": "object"
}
ChildDomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DomainDeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildDomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomainDeploymentMap"
},
"properties": {
"DomainDeploymentMap": {
"$ref": "DomainDeploymentMap",
"description": "Contains the actual DomainDeploymentMap object.",
"required": true,
"title": "DomainDeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DomainDeploymentMap",
"type": "object"
}
ChildEndpointPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointPolicy used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildEndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointPolicy"
},
"properties": {
"EndpointPolicy": {
"$ref": "EndpointPolicy",
"description": "Contains actual EndpointPolicy.",
"required": true,
"title": "EndpointPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Policy",
"type": "object"
}
ChildEndpointRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointRule used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildEndpointRule",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointRule"
},
"properties": {
"EndpointRule": {
"$ref": "EndpointRule",
"description": "Contains actual EndpointRule.",
"required": true,
"title": "EndpointRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Rule",
"type": "object"
}
ChildEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EnforcementPoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildEnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEnforcementPoint"
},
"properties": {
"EnforcementPoint": {
"$ref": "EnforcementPoint",
"description": "Contains the actual Enforcement point object.",
"required": true,
"title": "EnforcementPoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EnforcementPoint",
"type": "object"
}
ChildEvpnConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildEvpnConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnConfig"
},
"properties": {
"EvpnConfig": {
"$ref": "EvpnConfig",
"description": "Contains the actual EvpnConfig object.",
"required": true,
"title": "EvpnConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnConfig",
"type": "object"
}
ChildEvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildEvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnTunnelEndpointConfig"
},
"properties": {
"EvpnTunnelEndpointConfig": {
"$ref": "EvpnTunnelEndpointConfig",
"description": "Contains the actual EvpnTunnelEndpointConfig object.",
"required": true,
"title": "EvpnTunnelEndpointConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnTunnelEndpointConfig",
"type": "object"
}
ChildFloodProtectionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfile"
},
"properties": {
"FloodProtectionProfile": {
"$ref": "FloodProtectionProfile",
"description": "Contains the actual FloodProtectionProfile object",
"required": true,
"title": "FloodProtectionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfile",
"type": "object"
}
ChildFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildFloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfileBindingMap"
},
"properties": {
"FloodProtectionProfileBindingMap": {
"$ref": "FloodProtectionProfileBindingMap",
"description": "Contains the actual FloodProtectionProfileBindingMap object",
"required": true,
"title": "FloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfileBindingMap",
"type": "object"
}
ChildFqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FqdnAnalysisConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildFqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFqdnAnalysisConfig"
},
"properties": {
"FqdnAnalysisConfig": {
"$ref": "FqdnAnalysisConfig",
"description": "Contains the actual FqdnAnalysisConfig object",
"required": true,
"title": "FQDN Analysis Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FqdnAnalysisConfig",
"type": "object"
}
ChildGatewayConnection (type)
{
"additionalProperties": false,
"description": "Child wrapper object for gateway connection, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGatewayConnection",
"module_id": "PolicyGatewayConnection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayConnection"
},
"properties": {
"GatewayConnection": {
"$ref": "GatewayConnection",
"description": "Contains the actual gateway connection object.",
"required": true,
"title": "Policy gateway connection"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for gateway connection",
"type": "object"
}
ChildGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGatewayPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayPolicy"
},
"properties": {
"GatewayPolicy": {
"$ref": "GatewayPolicy",
"description": "Contains the actual GatewayPolicy object",
"required": true,
"title": "GatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayPolicy",
"type": "object"
}
ChildGatewayQosProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for GatewayQosProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGatewayQosProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayQosProfile"
},
"properties": {
"GatewayQosProfile": {
"$ref": "GatewayQosProfile",
"description": "Contains the actual GatewayQosProfile object.",
"required": true,
"title": "GatewayQosProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayQosProfile",
"type": "object"
}
ChildGeneralSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfile"
},
"properties": {
"GeneralSecurityProfile": {
"$ref": "GeneralSecurityProfile",
"description": "Contains the actual GeneralSecurityProfile object",
"required": true,
"title": "GeneralSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfile",
"type": "object"
}
ChildGeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfileBindingMap"
},
"properties": {
"GeneralSecurityProfileBindingMap": {
"$ref": "GeneralSecurityProfileBindingMap",
"description": "Contains the actual GeneralSecurityProfileBindingMap object",
"required": true,
"title": "GeneralSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfileBindingMap",
"type": "object"
}
ChildGeoIpSetting (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeoIpSetting, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGeoIpSetting",
"module_id": "PolicyGeoIp",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeoIpSetting"
},
"properties": {
"GeoIpSetting": {
"$ref": "GeoIpSetting",
"description": "Contains the actual GeoIpSetting object.",
"required": true,
"title": "Geo IP Setting"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeoIpSetting",
"type": "object"
}
ChildGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "GlobalConfig",
"description": "Contains the actual GlobalConfig object.",
"required": true,
"title": "GlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalConfig",
"type": "object"
}
ChildGlobalDfwConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGlobalDfwConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalDfwConfiguration"
},
"properties": {
"GlobalDfwConfiguration": {
"$ref": "GlobalDfwConfiguration",
"description": "Contains the actual global distributed firewall configuration object.",
"required": true,
"title": "Global distributed firewall configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalDfwConfiguration",
"type": "object"
}
ChildGlobalIdsSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalIdsSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGlobalIdsSettings",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalIdsSettings"
},
"properties": {
"GlobalIdsSettings": {
"$ref": "GlobalIdsSettings",
"description": "Contains the GlobalIdsSettings object",
"required": true,
"title": "GlobalIdsSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalIdsSettings",
"type": "object"
}
ChildGlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalIdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGlobalIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalIdsSignature"
},
"properties": {
"GlobalIdsSignature": {
"$ref": "GlobalIdsSignature",
"description": "Contains the GlobalIdsSignature object",
"required": true,
"title": "GlobalIdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalIdsSignature",
"type": "object"
}
ChildGlobalManager (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Global Manager, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGlobalManager",
"module_id": "PolicySiteGM",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalManager"
},
"properties": {
"GlobalManager": {
"$ref": "GlobalManager",
"description": "Contains the actual Global Manager object.",
"required": true,
"title": "GlobalManager"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Global Manager",
"type": "object"
}
ChildGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for group, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGroup",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroup"
},
"properties": {
"Group": {
"$ref": "Group",
"description": "Contains the actual group objects.",
"required": true,
"title": "Group"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Group",
"type": "object"
}
ChildGroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"GroupDiscoveryProfileBindingMap": {
"$ref": "GroupDiscoveryProfileBindingMap",
"description": "Contains the actual GroupDiscoveryProfileBindingMap object",
"required": true,
"title": "GroupDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupDiscoveryProfileBindingMap",
"type": "object"
}
ChildGroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildGroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroupMonitoringProfileBindingMap"
},
"properties": {
"GroupMonitoringProfileBindingMap": {
"$ref": "GroupMonitoringProfileBindingMap",
"description": "Contains the actual GroupMonitoringProfileBindingMap object",
"required": true,
"title": "GroupMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupMonitoringProfileBindingMap",
"type": "object"
}
ChildHostTransportNode (type)
{
"additionalProperties": false,
"description": "Child wrapper for Host Transport Node, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildHostTransportNode",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "ChildHostTransportNode"
},
"properties": {
"HostTransportNode": {
"$ref": "HostTransportNode",
"description": "Contains the actual Host Transport Node object.",
"required": true,
"title": "Host Transport Node"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Host Transport Node",
"type": "object"
}
ChildHostTransportNodeCollection (type)
{
"additionalProperties": false,
"description": "Child wrapper for Transport Collection, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildHostTransportNodeCollection",
"module_id": "HostTransportNodeCollection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildHostTransportNodeCollection"
},
"properties": {
"HostTransportNodeCollection": {
"$ref": "HostTransportNodeCollection",
"description": "Contains the actual Transport Node Collection object.",
"required": true,
"title": "Transport Node Collection"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Transport Node Collection",
"type": "object"
}
ChildIPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPDiscoveryProfile"
},
"properties": {
"IPDiscoveryProfile": {
"$ref": "IPDiscoveryProfile",
"description": "Contains the actual IPDiscoveryProfile object",
"required": true,
"title": "IPDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPDiscoveryProfile",
"type": "object"
}
ChildIPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWCollectorProfile"
},
"properties": {
"IPFIXDFWCollectorProfile": {
"$ref": "IPFIXDFWCollectorProfile",
"description": "Contains the actual IPFIXDFWCollectorProfile object",
"required": true,
"title": "IPFIXDFWCollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWCollectorProfile",
"type": "object"
}
ChildIPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWProfile"
},
"properties": {
"IPFIXDFWProfile": {
"$ref": "IPFIXDFWProfile",
"description": "Contains the actual IPFIXDFWProfile object",
"required": true,
"title": "IPFIXDFWProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWProfile",
"type": "object"
}
ChildIPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2CollectorProfile"
},
"properties": {
"IPFIXL2CollectorProfile": {
"$ref": "IPFIXL2CollectorProfile",
"description": "Contains the actual IPFIXL2CollectorProfile object",
"required": true,
"title": "IPFIXL2CollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2CollectorProfile",
"type": "object"
}
ChildIPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2Profile"
},
"properties": {
"IPFIXL2Profile": {
"$ref": "IPFIXL2Profile",
"description": "Contains the actual IPFIXL2Profile object",
"required": true,
"title": "IPFIXL2Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2Profile",
"type": "object"
}
ChildIPReputationSiteMapping (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IP ReputationSiteMapping, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPReputationSiteMapping",
"module_id": "DFWIPReputationSecurityConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPReputationSiteMapping"
},
"properties": {
"IPReputationSiteMapping": {
"$ref": "IPReputationSiteMapping",
"description": "Contains the actual IP ReputationSiteMapping objects.",
"required": true,
"title": "IPReputationSiteMapping"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IP ReputationSiteMapping",
"type": "object"
}
ChildIPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnDpdProfile"
},
"properties": {
"IPSecVpnDpdProfile": {
"$ref": "IPSecVpnDpdProfile",
"description": "Contains the actual IPSecVpnDpdProfile object.",
"required": true,
"title": "IPSecVpnDpdProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnDpdProfile",
"type": "object"
}
ChildIPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnIkeProfile"
},
"properties": {
"IPSecVpnIkeProfile": {
"$ref": "IPSecVpnIkeProfile",
"description": "Contains the actual IPSecVpnIkeProfile object.",
"required": true,
"title": "IPSecVpnIkeProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnIkeProfile",
"type": "object"
}
ChildIPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnLocalEndpoint"
},
"properties": {
"IPSecVpnLocalEndpoint": {
"$ref": "IPSecVpnLocalEndpoint",
"description": "Contains the actual IPSecVpnLocalEndpoint object.",
"required": true,
"title": "IPSecVpnLocalEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnLocalEndpoint",
"type": "object"
}
ChildIPSecVpnService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnService"
},
"properties": {
"IPSecVpnService": {
"$ref": "IPSecVpnService",
"description": "Contains the actual IPSecVpnService object.",
"required": true,
"title": "IPSecVpnService"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnService",
"type": "object"
}
ChildIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnSession"
},
"properties": {
"IPSecVpnSession": {
"$ref": "IPSecVpnSession",
"description": "Contains the actual IPSecVpnSession object.",
"required": true,
"title": "IPSecVpnSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnSession",
"type": "object"
}
ChildIPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnTunnelProfile"
},
"properties": {
"IPSecVpnTunnelProfile": {
"$ref": "IPSecVpnTunnelProfile",
"description": "Contains the actual IPSecVpnTunnelProfile object",
"required": true,
"title": "IPSecVpnTunnelProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnTunnelProfile",
"type": "object"
}
ChildIdentityFirewallStore (type)
{
"additionalProperties": false,
"description": "Child wrapper for IdentityFirewallStore, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdentityFirewallStore",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdentityFirewallStore"
},
"properties": {
"IdentityFirewallStore": {
"$ref": "IdentityFirewallStore",
"description": "Contains the actual IdentityFirewallStore object.",
"required": true,
"title": "IdentityFirewallStore"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdentityFirewallStore",
"type": "object"
}
ChildIdsClusterConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsClusterConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsClusterConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsClusterConfig"
},
"properties": {
"IdsClusterConfig": {
"$ref": "IdsClusterConfig",
"description": "Contains the IdsClusterConfig object",
"required": true,
"title": "IdsClusterConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsClusterConfig",
"type": "object"
}
ChildIdsCustomSignatureSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsCustomSignatureSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsCustomSignatureSettings",
"module_id": "PolicyIDSCustomSignature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsCustomSignatureSettings"
},
"properties": {
"IdsCustomSignatureSettings": {
"$ref": "IdsCustomSignatureSettings",
"description": "Contains the IdsCustomSignatureSettings object",
"required": true,
"title": "IdsCustomSignatureSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsCustomSignatureSettings",
"type": "object"
}
ChildIdsGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGatewayPolicy"
},
"properties": {
"IdsGatewayPolicy": {
"$ref": "IdsGatewayPolicy",
"description": "Contains the IdsGatewayPolicy object",
"required": true,
"title": "IdsGatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGatewayPolicy",
"type": "object"
}
ChildIdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGlobalEventConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsGlobalEventConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGlobalEventConfig"
},
"properties": {
"IdsGlobalEventConfig": {
"$ref": "IdsGlobalEventConfig",
"description": "Contains the IdsGlobalEventConfig object",
"required": true,
"title": "IdsGlobalEventConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGlobalEventConfig",
"type": "object"
}
ChildIdsPcapFileMetadata (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsPcapFileMetadata, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsPcapFileMetadata",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsPcapFileMetadata"
},
"properties": {
"IdsPcapFileMetadata": {
"$ref": "IdsPcapFileMetadata",
"description": "Contains the IdsPcapFileMetadata object",
"required": true,
"title": "IdsPcapFileMetadata"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsPcapFileMetadata",
"type": "object"
}
ChildIdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsProfile",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsProfile"
},
"properties": {
"IdsProfile": {
"$ref": "IdsProfile",
"description": "Contains the IdsProfile object",
"required": true,
"title": "IdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsProfile",
"type": "object"
}
ChildIdsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsRule",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsRule"
},
"properties": {
"IdsRule": {
"$ref": "IdsRule",
"description": "Contains the IdsRule object",
"required": true,
"title": "IdsRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsRule",
"type": "object"
}
ChildIdsSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSecurityPolicy",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSecurityPolicy"
},
"properties": {
"IdsSecurityPolicy": {
"$ref": "IdsSecurityPolicy",
"description": "Contains the IdsSecurityPolicy object",
"required": true,
"title": "IdsSecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSecurityPolicy",
"type": "object"
}
ChildIdsSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSettings",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSettings"
},
"properties": {
"IdsSettings": {
"$ref": "IdsSettings",
"description": "Contains the IdsSettings object",
"required": true,
"title": "IdsSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSettings",
"type": "object"
}
ChildIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignature"
},
"properties": {
"IdsSignature": {
"$ref": "IdsSignature",
"description": "Contains the IdsSignature object",
"required": true,
"title": "IdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignature",
"type": "object"
}
ChildIdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignatureStatus, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSignatureStatus",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignatureStatus"
},
"properties": {
"IdsSignatureStatus": {
"$ref": "IdsSignatureStatus",
"description": "Contains the IdsSignatureStatus object",
"required": true,
"title": "IdsSignatureStatus"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignatureStatus",
"type": "object"
}
ChildIdsSignatureVersion (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignatureVersion, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSignatureVersion",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignatureVersion"
},
"properties": {
"IdsSignatureVersion": {
"$ref": "IdsSignatureVersion",
"description": "Contains the IdsSignatureVersion object",
"required": true,
"title": "IdsSignatureVersion"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignatureVersion",
"type": "object"
}
ChildIdsSiteVersionMapping (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSiteVersionMapping, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsSiteVersionMapping",
"module_id": "IDSSiteVersionMapping",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSiteVersionMapping"
},
"properties": {
"IdsSiteVersionMapping": {
"$ref": "IdsSiteVersionMapping",
"description": "Contains the actual IdsSiteVersionMapping objects.",
"required": true,
"title": "IdsSiteVersionMapping"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSiteVersionMapping",
"type": "object"
}
ChildIdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsStandaloneHostConfig"
},
"properties": {
"IdsStandaloneHostConfig": {
"$ref": "IdsStandaloneHostConfig",
"description": "Contains the IdsStandaloneHostConfig object",
"required": true,
"title": "IdsStandaloneHostConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsStandaloneHostConfig",
"type": "object"
}
ChildIdsThresholdConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsThresholdConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIdsThresholdConfig",
"module_id": "PolicyIDS",
"nsx_feature": "IdsThreshold",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsThresholdConfig"
},
"properties": {
"IdsThresholdConfig": {
"$ref": "IdsThresholdConfig",
"description": "Contains the IdsThresholdConfig object.",
"required": true,
"title": "IdsThresholdConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsThresholdConfig",
"type": "object"
}
ChildInfra (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Infra, used in multi-tenancy hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildInfra",
"module_id": "Policy",
"properties": {
"Infra": {
"$ref": "Infra",
"description": "Contains the actual Infra object",
"required": true,
"title": "Infra"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Infra",
"type": "object"
}
ChildIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpAddressAllocation",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressAllocation"
},
"properties": {
"IpAddressAllocation": {
"$ref": "IpAddressAllocation",
"description": "Contains the actual IpAddressAllocation object",
"required": true,
"title": "IpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressAllocation",
"type": "object"
}
ChildIpAddressBlock (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressBlock, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpAddressBlock",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressBlock"
},
"properties": {
"IpAddressBlock": {
"$ref": "IpAddressBlock",
"description": "Contains the actual IpAddressBlock object",
"required": true,
"title": "IpAddressBlock"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressBlock",
"type": "object"
}
ChildIpAddressPool (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPool, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpAddressPool",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPool"
},
"properties": {
"IpAddressPool": {
"$ref": "IpAddressPool",
"description": "Contains the actual IpAddressPool object",
"required": true,
"title": "IpAddressPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPool",
"type": "object"
}
ChildIpAddressPoolSubnet (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPoolSubnet, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpAddressPoolSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPoolSubnet"
},
"properties": {
"IpAddressPoolSubnet": {
"$ref": "IpAddressPoolSubnet",
"description": "Contains the actual IpAddressPoolSubnet object",
"required": true,
"title": "IpAddressPoolSubnet"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPoolSubnet",
"type": "object"
}
ChildIpv6DadProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6DadProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpv6DadProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6DadProfile": {
"$ref": "Ipv6DadProfile",
"description": "Contains the actual Ipv6DadProfile objects",
"required": true,
"title": "Ipv6DadProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6DadProfile",
"type": "object"
}
ChildIpv6NdraProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6NdraProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildIpv6NdraProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6NdraProfile": {
"$ref": "Ipv6NdraProfile",
"description": "Contains the actual Ipv6NdraProfile objects",
"required": true,
"title": "Ipv6NdraProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6NdraProfile",
"type": "object"
}
ChildL2BridgeEndpointProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL2BridgeEndpointProfile",
"module_id": "PolicyConnectivity",
"properties": {
"L2BridgeEndpointProfile": {
"$ref": "L2BridgeEndpointProfile",
"description": "Contains the actual L2BridgeEndpointProfile object",
"required": true,
"title": "L2BridgeEndpointProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2BridgeEndpointProfile",
"type": "object"
}
ChildL2VPNService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL2VPNService",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNService"
},
"properties": {
"L2VPNService": {
"$ref": "L2VPNService",
"description": "Contains the actual L2VPNService object.",
"required": true,
"title": "L2VPNService"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNService",
"type": "object"
}
ChildL2VPNSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL2VPNSession",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNSession"
},
"properties": {
"L2VPNSession": {
"$ref": "L2VPNSession",
"description": "Contains the actual L2VPNSession object.",
"required": true,
"title": "L2VPNSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNSession",
"type": "object"
}
ChildL2Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL2Vpn",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2Vpn"
},
"properties": {
"L2Vpn": {
"$ref": "L2Vpn",
"description": "Contains the actual L2Vpn object.",
"required": true,
"title": "L2Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2Vpn",
"type": "object"
}
ChildL2VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL2VpnContext",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VpnContext"
},
"properties": {
"L2VpnContext": {
"$ref": "L2VpnContext",
"description": "Contains the actual L2VpnContext object.",
"required": true,
"title": "L2VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VpnContext",
"type": "object"
}
ChildL3Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL3Vpn",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3Vpn"
},
"properties": {
"L3Vpn": {
"$ref": "L3Vpn",
"description": "Contains the actual L3Vpn object.",
"required": true,
"title": "L3Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3Vpn",
"type": "object"
}
ChildL3VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL3VpnContext",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3VpnContext"
},
"properties": {
"L3VpnContext": {
"$ref": "L3VpnContext",
"description": "Contains the actual L3VpnContext object.",
"required": true,
"title": "L3VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3VpnContext",
"type": "object"
}
ChildL7AccessEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Entry, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL7AccessEntry",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessEntry"
},
"properties": {
"L7AccessEntry": {
"$ref": "L7AccessEntry",
"description": "Contains the actual L7 access entry object",
"required": true,
"title": "L7 Access Entry"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Entry",
"type": "object"
}
ChildL7AccessProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildL7AccessProfile",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessProfile"
},
"properties": {
"L7AccessProfile": {
"$ref": "L7AccessProfile",
"description": "Contains the actual L7 access profile object",
"required": true,
"title": "L7 access profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Profile",
"type": "object"
}
ChildLBAppProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBAppProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBAppProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBAppProfile"
},
"properties": {
"LBAppProfile": {
"$ref": "LBAppProfile",
"description": "Contains the actual LBAppProfile object.",
"required": true,
"title": "LBAppProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBAppProfile",
"type": "object"
}
ChildLBClientSslProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBClientSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBClientSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBClientSslProfile"
},
"properties": {
"LBClientSslProfile": {
"$ref": "LBClientSslProfile",
"description": "Contains the actual LBClientSslProfile object.",
"required": true,
"title": "LBClientSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBClientSslProfile",
"type": "object"
}
ChildLBMonitorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBMonitorProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBMonitorProfile"
},
"properties": {
"LBMonitorProfile": {
"$ref": "LBMonitorProfile",
"description": "Contains the actual LBMonitorProfile object.",
"required": true,
"title": "LBMonitorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBMonitorProfile",
"type": "object"
}
ChildLBPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPersistenceProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPersistenceProfile"
},
"properties": {
"LBPersistenceProfile": {
"$ref": "LBPersistenceProfile",
"description": "Contains the actual LBPersistenceProfile object.",
"required": true,
"title": "LBPersistenceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPersistenceProfile",
"type": "object"
}
ChildLBPool (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPool, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBPool",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPool"
},
"properties": {
"LBPool": {
"$ref": "LBPool",
"description": "Contains the actual LBPool object.",
"required": true,
"title": "LBPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPool",
"type": "object"
}
ChildLBServerSslProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBServerSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBServerSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBServerSslProfile"
},
"properties": {
"LBServerSslProfile": {
"$ref": "LBServerSslProfile",
"description": "Contains the actual LBServerSslProfile object.",
"required": true,
"title": "LBServerSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBServerSslProfile",
"type": "object"
}
ChildLBService (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBService",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBService"
},
"properties": {
"LBService": {
"$ref": "LBService",
"description": "Contains the actual LBService object.",
"required": true,
"title": "LBService"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBService",
"type": "object"
}
ChildLBVirtualServer (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBVirtualServer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLBVirtualServer",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBVirtualServer"
},
"properties": {
"LBVirtualServer": {
"$ref": "LBVirtualServer",
"description": "Contains the actual LBVirtualServer object.",
"required": true,
"title": "LBVirtualServer"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBVirtualServer",
"type": "object"
}
ChildLimit (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Limit, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLimit",
"module_id": "PolicyLimit",
"nsx_feature": "IpBlockQuota",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLimit"
},
"properties": {
"Limit": {
"$ref": "Limit",
"description": "Contains Limit definitions.",
"required": true,
"title": "Policy Limit Definition"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper for Limit",
"type": "object"
}
ChildLiveTraceConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for LiveTraceConfig for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLiveTraceConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLiveTraceConfig"
},
"properties": {
"LiveTraceConfig": {
"$ref": "LiveTraceConfig",
"description": "The actual LiveTraceConfig object.",
"required": true,
"title": "LiveTraceConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LiveTraceConfig",
"type": "object"
}
ChildLocaleServices (type)
{
"additionalProperties": false,
"description": "Child wrapper object for LocaleServices, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildLocaleServices",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLocaleServices"
},
"properties": {
"LocaleServices": {
"$ref": "LocaleServices",
"description": "Contains the actual LocaleServices object",
"required": true,
"title": "LocaleServices"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LocaleServices",
"type": "object"
}
ChildMacDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MacDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildMacDiscoveryProfile",
"module_id": "PolicyMacDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMacDiscoveryProfile"
},
"properties": {
"MacDiscoveryProfile": {
"$ref": "MacDiscoveryProfile",
"description": "Contains the actual MacDiscoveryProfile object",
"required": true,
"title": "MacDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MacDiscoveryProfile",
"type": "object"
}
ChildMalwarePreventionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildMalwarePreventionProfile",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionProfile"
},
"properties": {
"MalwarePreventionProfile": {
"$ref": "MalwarePreventionProfile",
"description": "Contains the MalwarePreventionProfile object",
"required": true,
"title": "MalwarePreventionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionProfile",
"type": "object"
}
ChildMalwarePreventionSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildMalwarePreventionSignature",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionSignature"
},
"properties": {
"MalwarePreventionSignature": {
"$ref": "MalwarePreventionSignature",
"description": "Contains the MalwarePreventionSignature object",
"required": true,
"title": "MalwarePreventionSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionSignature",
"type": "object"
}
ChildMetadataProxyConfig (type)
{
"additionalProperties": false,
"descritpion": "Child wrapper object for MetadataProxyConfig, used in hierarchical APIs",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildMetadataProxyConfig",
"module_id": "PolicyMetadataProxy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMetadataProxyConfig"
},
"properties": {
"MetadataProxyConfig": {
"$ref": "MetadataProxyConfig",
"description": "Contains the actual MetadataProxyConfig object.",
"required": true,
"title": "MetadataProxyConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MetadataProxyConfig",
"type": "object"
}
ChildOdsDynamicRunbookInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsDynamicRunbookInstance for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOdsDynamicRunbookInstance",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsDynamicRunbookInstance"
},
"properties": {
"OdsDynamicRunbookInstance": {
"$ref": "OdsDynamicRunbookInstance",
"description": "The actual OdsDynamicRunbookInstance object.",
"required": true,
"title": "OdsDynamicRunbookInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsDynamicRunbookInstance",
"type": "object"
}
ChildOdsRunbookInvocation (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsRunbookInvocation for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOdsRunbookInvocation",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsRunbookInvocation"
},
"properties": {
"OdsRunbookInvocation": {
"$ref": "OdsRunbookInvocation",
"description": "The actual OdsRunbookInvocation object.",
"required": true,
"title": "OdsRunbookInvocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsRunbookInvocation",
"type": "object"
}
ChildOdsRunbookInvocationArtifactBatchRequest (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsRunbookInvocationArtifactBatchRequest for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOdsRunbookInvocationArtifactBatchRequest",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsRunbookInvocationArtifactBatchRequest"
},
"properties": {
"OdsRunbookInvocation": {
"$ref": "OdsRunbookInvocationArtifactBatchRequest",
"description": "The actual OdsRunbookInvocationArtifactBatchRequest object.",
"required": true,
"title": "OdsRunbookInvocationArtifactBatchRequest"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsRunbookInvocationArtifactBatchRequest",
"type": "object"
}
ChildOpsGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OpsGlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOpsGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "OpsGlobalConfig",
"description": "Contains the actual OpsGlobalConfig object.",
"required": true,
"title": "OpsGlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OpsGlobalConfig",
"type": "object"
}
ChildOrg (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Org, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOrg",
"module_id": "PolicyOrg",
"properties": {
"Org": {
"$ref": "Org",
"description": "Contains the actual Org object",
"required": true,
"title": "Org"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Org",
"type": "object"
}
ChildOrgRoot (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OrgRoot, used in multi-tenancy hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOrgRoot",
"module_id": "PolicyOrgRoot",
"properties": {
"OrgRoot": {
"$ref": "OrgRoot",
"description": "Contains the actual OrgRoot object",
"required": true,
"title": "OrgRoot"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OrgRoot",
"type": "object"
}
ChildOspfAreaConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfAreaConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOspfAreaConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfAreaConfig": {
"$ref": "OspfAreaConfig",
"description": "Contains actual OspfAreaConfig.",
"required": true,
"title": "OspfAreaConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildOspfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfRoutingConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildOspfRoutingConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfRoutingConfig": {
"$ref": "OspfRoutingConfig",
"description": "Contains actual OspfRoutingConfig.",
"required": true,
"title": "OspfRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildPolicyConfigResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an object on the desired state",
"extends": {
"$ref": "ManagedResource"
},
"id": "ChildPolicyConfigResource",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the desired state object as child resource",
"type": "object"
}
ChildPolicyContextProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyContextProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyContextProfile",
"module_id": "PolicyContextProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyContextProfile"
},
"properties": {
"PolicyContextProfile": {
"$ref": "PolicyContextProfile",
"description": "Contains the actual PolicyContextProfile objects",
"required": true,
"title": "PolicyContextProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyContextProfile",
"type": "object"
}
ChildPolicyCustomAttributes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyCustomAttributes, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyCustomAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"PolicyCustomAttributes": {
"$ref": "PolicyCustomAttributes",
"description": "Contains the actual PolicyCustomAttributes objects",
"required": true,
"title": "PolicyCustomAttributes"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyCustomAttributes",
"type": "object"
}
ChildPolicyDnsForwarder (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarder, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyDnsForwarder",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarder"
},
"properties": {
"PolicyDnsForwarder": {
"$ref": "PolicyDnsForwarder",
"description": "Contains the actual PolicyDnsForwarder object",
"required": true,
"title": "PolicyDnsForwarder"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarder",
"type": "object"
}
ChildPolicyDnsForwarderZone (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyDnsForwarderZone",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarderZone"
},
"properties": {
"PolicyDnsForwarderZone": {
"$ref": "PolicyDnsForwarderZone",
"description": "Contains the actual PolicyDnsForwarderZone object",
"required": true,
"title": "PolicyDnsForwarderZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarderZone",
"type": "object"
}
ChildPolicyEdgeCluster (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeCluster, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyEdgeCluster",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeCluster"
},
"properties": {
"PolicyEdgeCluster": {
"$ref": "PolicyEdgeCluster",
"description": "Contains the actual PolicyEdgeCluster object.",
"required": true,
"title": "PolicyEdgeCluster"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeCluster",
"type": "object"
}
ChildPolicyEdgeHighAvailabilityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeHighAvailabilityProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyEdgeHighAvailabilityProfile",
"module_id": "PolicyEdgeClusterProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeHighAvailabilityProfile"
},
"properties": {
"PolicyEdgeHighAvailabilityProfile": {
"$ref": "PolicyEdgeHighAvailabilityProfile",
"description": "Contains the actual PolicyEdgeHighAvailabilityProfile object.",
"required": true,
"title": "Policy EdgeCluster High Availability Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeHighAvailabilityProfile",
"type": "object"
}
ChildPolicyEdgeNode (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeNode, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyEdgeNode",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeNode"
},
"properties": {
"PolicyEdgeNode": {
"$ref": "PolicyEdgeNode",
"description": "Contains the actual PolicyEdgeNode object.",
"required": true,
"title": "PolicyEdgeNode"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeNode",
"type": "object"
}
ChildPolicyEdgeTransportNode (type)
{
"additionalProperties": false,
"description": "Child Wrapper object for PolicyEdgeTransportNode, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyEdgeTransportNode",
"module_id": "PolicyEdgeTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeTransportNode"
},
"properties": {
"PolicyEdgeTransportNode": {
"$ref": "PolicyEdgeTransportNode",
"description": "Contains the actual EdgeTransportNode object.",
"required": true,
"title": "PolicyEdgeTransportNode"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EdgeTransportNode",
"type": "object"
}
ChildPolicyExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyExcludeList",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyExcludeList"
},
"properties": {
"PolicyExcludeList": {
"$ref": "PolicyExcludeList",
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicyExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyExcludeList",
"type": "object"
}
ChildPolicyFailureDomain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFailureDomain, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFailureDomain",
"module_id": "PolicyFailureDomain",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFailureDomain"
},
"properties": {
"PolicyFailureDomain": {
"$ref": "PolicyFailureDomain",
"description": "Contains the actual PolicyFailureDomain object.",
"required": true,
"title": "Policy Failure Domain"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyPolicyFailureDomain",
"type": "object"
}
ChildPolicyFirewallCPUMemThresholdsProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallCPUMemThresholdsProfileBindingMap",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"PolicyFirewallCPUMemThresholdsProfileBindingMap": {
"$ref": "PolicyFirewallCPUMemThresholdsProfileBindingMap",
"description": "Contains the actual PolicyFirewallCPUMemThresholdsProfileBindingMap object.",
"required": true,
"title": "PolicyFirewallCPUMemThresholdsProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallCpuMemThresholdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallCpuMemThresholdsProfile",
"module_id": "PolicyProfile",
"properties": {
"PolicyFirewallCpuMemThresholdsProfile": {
"$ref": "PolicyFirewallCpuMemThresholdsProfile",
"description": "Contains the actual PolicyFirewallCpuMemThresholdsProfile object",
"required": true,
"title": "PolicyFirewallCpuMemThresholdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCpuMemThresholdsProfile",
"type": "object"
}
ChildPolicyFirewallFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallFloodProtectionProfileBindingMap",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"PolicyFirewallFloodProtectionProfileBindingMap": {
"$ref": "PolicyFirewallFloodProtectionProfileBindingMap",
"description": "Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object",
"required": true,
"title": "PolicyFirewallFloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallIpReputationConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallIpReputationConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallIpReputationConfig",
"module_id": "PolicyFirewallIpReputation",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallIpReputationConfig"
},
"properties": {
"PolicyFirewallIpReputationConfig": {
"$ref": "PolicyFirewallIpReputationConfig",
"description": "Contains the actual PolicyFirewallIpReputationConfig object.",
"required": true,
"title": "IP reputation config"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallIpReputationConfig",
"type": "object"
}
ChildPolicyFirewallScheduler (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallScheduler, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallScheduler",
"module_id": "PolicyFirewallScheduler",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallScheduler"
},
"properties": {
"PolicyFirewallScheduler": {
"$ref": "PolicyFirewallScheduler",
"description": "Contains the actual PolicyFirewallScheduler objects",
"required": true,
"title": "PolicyFirewallScheduler"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallScheduler",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallSessionTimerProfile",
"module_id": "PolicyFirewallSessionTimerProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallSessionTimerProfile"
},
"properties": {
"PolicyFirewallSessionTimerProfile": {
"$ref": "PolicyFirewallSessionTimerProfile",
"description": "Contains the actual PolicyFirewallSessionTimerProfile object",
"required": true,
"title": "PolicyFirewallSessionTimerProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfile",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyFirewallSessionTimerProfileBindingMap",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"PolicyFirewallSessionTimerProfileBindingMap": {
"$ref": "PolicyFirewallSessionTimerProfileBindingMap",
"description": "Contains the actual PolicyFirewallSessionTimerProfileBindingMap object",
"required": true,
"title": "PolicyFirewallSessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfileBindingMap",
"type": "object"
}
ChildPolicyIgmpProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyIgmpProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyIgmpProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyIgmpProfile": {
"$ref": "PolicyIgmpProfile",
"description": "Contains actual PolicyIgmpProfile.",
"required": true,
"title": "PolicyIgmpProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyIgmpProfile",
"type": "object"
}
ChildPolicyInterVrfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyInterVrfRoutingConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyInterVrfRoutingConfig",
"module_id": "PolicyConnectivity",
"properties": {
"PolicyInterVrfRoutingConfig": {
"$ref": "PolicyInterVrfRoutingConfig",
"description": "Contains actual PolicyInterVrfRoutingConfig.",
"required": true,
"title": "PolicyInterVrfRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for inter-vrf routing config",
"type": "object"
}
ChildPolicyLabel (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLabel, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyLabel",
"module_id": "PolicyLabel",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLabel"
},
"properties": {
"PolicyLabel": {
"$ref": "PolicyLabel",
"description": "Contains the actual PolicyLabel object",
"required": true,
"title": "PolicyLabel"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLabel",
"type": "object"
}
ChildPolicyLatencyStatProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyLatencyStatProfile",
"module_id": "PolicyLatency",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLatencyStatProfile"
},
"properties": {
"PolicyLatencyStatProfile": {
"$ref": "PolicyLatencyStatProfile",
"description": "Contains the actual PolicyLatencyStatProfile object",
"required": true,
"title": "PolicyLatencyStatProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLatencyStatProfile",
"type": "object"
}
ChildPolicyMulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyMulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyMulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyMulticastConfig": {
"$ref": "PolicyMulticastConfig",
"description": "Contains actual PolicyMulticastConfig.",
"required": true,
"title": "PolicyMulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyMulticastConfig",
"type": "object"
}
ChildPolicyNat (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNat, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyNat",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNat"
},
"properties": {
"PolicyNat": {
"$ref": "PolicyNat",
"description": "Contains the actual PolicyNAT object",
"required": true,
"title": "PolicyNat"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNat",
"type": "object"
}
ChildPolicyNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyNatRule",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNatRule"
},
"properties": {
"PolicyNatRule": {
"$ref": "PolicyNatRule",
"description": "Contains the actual PolicyNatRule object",
"required": true,
"title": "PolicyNatRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNatRule",
"type": "object"
}
ChildPolicyPimProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyPimProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyPimProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyPimProfile": {
"$ref": "PolicyPimProfile",
"description": "Contains actual PolicyPimProfile.",
"required": true,
"title": "PolicyPimProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyPimProfile",
"type": "object"
}
ChildPolicySIExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicySIExcludeList",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIExcludeList"
},
"properties": {
"PolicySIExcludeList": {
"$ref": "PolicySIExcludeList",
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicySIExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIExcludeList",
"type": "object"
}
ChildPolicyServiceChain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyServiceChain",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceChain"
},
"properties": {
"PolicyServiceChain": {
"$ref": "PolicyServiceChain",
"description": "Contains actual PolicyServiceChain.",
"required": true,
"title": "PolicyServiceChain"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceChain",
"type": "object"
}
ChildPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceInstance"
},
"properties": {
"PolicyServiceInstance": {
"$ref": "PolicyServiceInstance",
"description": "Contains actual PolicyServiceInstance.",
"required": true,
"title": "PolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceInstance",
"type": "object"
}
ChildPolicyServiceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyServiceProfile",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceProfile"
},
"properties": {
"PolicyServiceProfile": {
"$ref": "PolicyServiceProfile",
"description": "Contains actual PolicyServiceProfile.",
"required": true,
"title": "PolicyServiceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceProfile",
"type": "object"
}
ChildPolicyTier1MulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyTier1MulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyTier1MulticastConfig": {
"$ref": "PolicyTier1MulticastConfig",
"description": "Contains actual PolicyTier1MulticastConfig.",
"required": true,
"title": "PolicyTier1MulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTier1MulticastConfig",
"type": "object"
}
ChildPolicyTransportZone (type)
{
"description": "Child wrapper object for PolicyTransportZone, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyTransportZone",
"module_id": "PolicyTransportZone",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZone"
},
"properties": {
"PolicyTransportZone": {
"$ref": "PolicyTransportZone",
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZone object.",
"required": true,
"title": "PolicyTransportZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZone",
"type": "object"
}
ChildPolicyTransportZoneProfile (type)
{
"description": "Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyTransportZoneProfile",
"module_id": "PolicyTransportZoneProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZoneProfile"
},
"properties": {
"PolicyTransportZoneProfile": {
"$ref": "PolicyTransportZoneProfile",
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZoneProfile object.",
"required": true,
"title": "PolicyTransportZoneProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZoneProfile",
"type": "object"
}
ChildPolicyUrlCategorizationConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyUrlCategorizationConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyUrlCategorizationConfig"
},
"properties": {
"PolicyUrlCategorizationConfig": {
"$ref": "PolicyUrlCategorizationConfig",
"description": "Contains the actual PolicyUrlCategorizationConfig object",
"required": true,
"title": "URL Categorization Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyUrlCategorizationConfig",
"type": "object"
}
ChildPolicyVpcNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyVpcNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPolicyVpcNatRule",
"module_id": "PolicyVpcNat",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyVpcNatRule"
},
"properties": {
"PolicyVpcNatRule": {
"$ref": "PolicyVpcNatRule",
"description": "Contains the actual Policy VPC Nat Rule object",
"required": true,
"title": "Policy VPC Nat Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyVpcNatRule",
"type": "object"
}
ChildPortDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortDiscoveryProfileBindingMap"
},
"properties": {
"PortDiscoveryProfileBindingMap": {
"$ref": "PortDiscoveryProfileBindingMap",
"description": "Contains the actual PortDiscoveryProfileBindingMap object",
"required": true,
"title": "PortDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortDiscoveryProfileBindingMap",
"type": "object"
}
ChildPortMirroringProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMirroringProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortMirroringProfile",
"module_id": "PolicyPortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMirroringProfile"
},
"properties": {
"PortMirroringProfile": {
"$ref": "PortMirroringProfile",
"description": "Contains the actual PortMirroringProfile object",
"required": true,
"title": "PortMirroringProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMirroringProfile",
"type": "object"
}
ChildPortMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMonitoringProfileBindingMap"
},
"properties": {
"PortMonitoringProfileBindingMap": {
"$ref": "PortMonitoringProfileBindingMap",
"description": "Contains the actual PortMonitoringProfileBindingMap object",
"required": true,
"title": "PortMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMonitoringProfileBindingMap",
"type": "object"
}
ChildPortQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortQoSProfileBindingMap"
},
"properties": {
"PortQoSProfileBindingMap": {
"$ref": "PortQoSProfileBindingMap",
"description": "Contains the actual PortQoSProfileBindingMap object",
"required": true,
"title": "PortQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortQoSProfileBindingMap",
"type": "object"
}
ChildPortRealTimeEthProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortRealTimeEthProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortRealTimeEthProfileBindingMap",
"module_id": "PolicyRealTimeEthProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortRealTimeEthProfileBindingMap"
},
"properties": {
"PortRealTimeEthProfileBindingMap": {
"$ref": "PortRealTimeEthProfileBindingMap",
"description": "Contains the actual PortRealTimeEthProfileBindingMap object",
"required": true,
"title": "PortRealTimeEthProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortRealTimeEthProfileBindingMap",
"type": "object"
}
ChildPortSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPortSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortSecurityProfileBindingMap"
},
"properties": {
"PortSecurityProfileBindingMap": {
"$ref": "PortSecurityProfileBindingMap",
"description": "Contains the actual PortSecurityProfileBindingMap object",
"required": true,
"title": "PortSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortSecurityProfileBindingMap",
"type": "object"
}
ChildPrefixList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PrefixList, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildPrefixList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPrefixList"
},
"properties": {
"PrefixList": {
"$ref": "PrefixList",
"description": "Contains the actual PrefixList object.",
"required": true,
"title": "PrefixList"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PrefixList",
"type": "object"
}
ChildProject (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Project, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildProject",
"module_id": "PolicyProject",
"properties": {
"Project": {
"$ref": "Project",
"description": "Contains the actual Project object",
"required": true,
"title": "PROJECT"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PROJECT",
"type": "object"
}
ChildProjectIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ProjectIpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildProjectIpAddressAllocation",
"module_id": "PolicyProject",
"polymorphic-type-descriptor": {
"type-identifier": "ChildProjectIpAddressAllocation"
},
"properties": {
"ProjectIpAddressAllocation": {
"$ref": "ProjectIpAddressAllocation",
"description": "Contains the actual ProjectIpAddressAllocation object",
"required": true,
"title": "ProjectIpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ProjectIpAddressAllocation",
"type": "object"
}
ChildProjectRouteFilter (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ProjectRouteFilter used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildProjectRouteFilter",
"module_id": "PolicyConnectivity",
"properties": {
"ProjectRouteFilter": {
"$ref": "ProjectRouteFilter",
"description": "Contains actual ProjectRouteFilter.",
"required": true,
"title": "ProjectRouteFilter"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for project route filter",
"type": "object"
}
ChildQoSProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for QoSProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildQoSProfile",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildQoSProfile"
},
"properties": {
"QoSProfile": {
"$ref": "QoSProfile",
"description": "Contains the actual QoSProfile object",
"required": true,
"title": "QoSProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for QoSProfile",
"type": "object"
}
ChildReaction (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Reaction used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildReaction",
"module_id": "PolicyReaction",
"properties": {
"Reaction": {
"$ref": "Reaction",
"description": "Contains the actual Reaction object.",
"required": true,
"title": "Reaction"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Reaction",
"type": "object"
}
ChildRealTimeEthProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for RealTimeEthProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildRealTimeEthProfile",
"module_id": "PolicyRealTimeEth",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRealTimeEthProfile"
},
"properties": {
"RealTimeEthProfile": {
"$ref": "RealTimeEthProfile",
"description": "Contains the actual RealTimeEthProfile object",
"required": true,
"title": "RealTimeEthProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RealTimeEthProfile",
"type": "object"
}
ChildRedirectionPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for RedirectionPolicy used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildRedirectionPolicy",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionPolicy"
},
"properties": {
"RedirectionPolicy": {
"$ref": "RedirectionPolicy",
"description": "Contains actual RedirectionPolicy.",
"required": true,
"title": "RedirectionPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionPolicy\n",
"type": "object"
}
ChildRedirectionRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ChildRedirectionRule used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildRedirectionRule",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionRule"
},
"properties": {
"RedirectionRule": {
"$ref": "RedirectionRule",
"description": "Contains actual RedirectionRule.",
"required": true,
"title": "RedirectionRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionRule\n",
"type": "object"
}
ChildResourceReference (type)
{
"additionalProperties": false,
"description": "Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildResourceReference",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_type": {
"required": true,
"title": "The target type of this reference",
"type": "string"
}
},
"title": "Represents the reference to ChildPolicyConfigResource",
"type": "object"
}
ChildRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildRule",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRule"
},
"properties": {
"Rule": {
"$ref": "Rule",
"description": "Contains the actual Rule object",
"required": true,
"title": "Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildSIStatusConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSIStatusConfiguration",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIStatusConfiguration"
},
"properties": {
"PolicySIStatusConfiguration": {
"$ref": "PolicySIStatusConfiguration",
"description": "Contains the actual service insertion status configuration list object.",
"required": true
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIStatusConfiguration",
"type": "object"
}
ChildSecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T1 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityFeatures"
},
"properties": {
"SecurityFeatures": {
"$ref": "SecurityFeatures",
"description": "Contains the actual SecurityFeatures object",
"required": true,
"title": "Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Security Feature",
"type": "object"
}
ChildSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSecurityPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityPolicy"
},
"properties": {
"SecurityPolicy": {
"$ref": "SecurityPolicy",
"description": "Contains the actual SecurityPolicy object",
"required": true,
"title": "SecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SecurityPolicy",
"type": "object"
}
ChildSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Segment, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegment"
},
"properties": {
"Segment": {
"$ref": "Segment",
"description": "Contains the actual Segment object.",
"required": true,
"title": "Segment"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Segment",
"type": "object"
}
ChildSegmentConnectionBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper for SegmentConnectionBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentConnectionBindingMap",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentConnectionBindingMap"
},
"properties": {
"SegmentConnectionBindingMap": {
"$ref": "SegmentConnectionBindingMap",
"description": "Contains the actual SegmentConnectionBindingMap object.",
"required": true,
"title": "Segment Connection Binding Map"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentConnectionBindingMap",
"type": "object"
}
ChildSegmentDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentDiscoveryProfileBindingMap"
},
"properties": {
"SegmentDiscoveryProfileBindingMap": {
"$ref": "SegmentDiscoveryProfileBindingMap",
"description": "Contains the actual SegmentDiscoveryProfileBindingMap object",
"required": true,
"title": "SegmentDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentDiscoveryProfileBindingMap",
"type": "object"
}
ChildSegmentMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentMonitoringProfileBindingMap"
},
"properties": {
"SegmentMonitoringProfileBindingMap": {
"$ref": "SegmentMonitoringProfileBindingMap",
"description": "Contains the actual SegmentMonitoringProfileBindingMap object",
"required": true,
"title": "SegmentMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentMonitoringProfileBindingMap",
"type": "object"
}
ChildSegmentPort (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentPort, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentPort",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentPort"
},
"properties": {
"SegmentPort": {
"$ref": "SegmentPort",
"description": "Contains the actual SegmentPort object",
"required": true,
"title": "SegmentPort"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentPort",
"type": "object"
}
ChildSegmentQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentQoSProfileBindingMap"
},
"properties": {
"SegmentQoSProfileBindingMap": {
"$ref": "SegmentQoSProfileBindingMap",
"description": "Contains the actual SegmentQoSProfileBindingMap object",
"required": true,
"title": "SegmentQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentQoSProfileBindingMap",
"type": "object"
}
ChildSegmentRealTimeEthProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentRealTimeEthProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentRealTimeEthProfileBindingMap",
"module_id": "PolicyRealTimeEthProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentRealTimeEthProfileBindingMap"
},
"properties": {
"SegmentRealTimeEthProfileBindingMap": {
"$ref": "SegmentRealTimeEthProfileBindingMap",
"description": "Contains the actual SegmentRealTimeEthProfileBindingMap object",
"required": true,
"title": "SegmentRealTimeEthProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentRealTimeEthProfileBindingMap",
"type": "object"
}
ChildSegmentSecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Segment Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentSecurityFeatures",
"module_id": "PolicySegmentSecurityFeature",
"nsx_feature": "PolicyBridgeFirewall",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityFeatures"
},
"properties": {
"SegmentSecurityFeatures": {
"$ref": "SegmentSecurityFeatures",
"description": "Contains the actual Segment SecurityFeatures object",
"required": true,
"title": "Segment Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Segment Security Feature",
"type": "object"
}
ChildSegmentSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentSecurityProfile",
"module_id": "PolicySegmentSecurity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfile"
},
"properties": {
"SegmentSecurityProfile": {
"$ref": "SegmentSecurityProfile",
"description": "Contains the actual SegmentSecurityProfile object",
"required": true,
"title": "SegmentSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfile",
"type": "object"
}
ChildSegmentSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSegmentSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfileBindingMap"
},
"properties": {
"SegmentSecurityProfileBindingMap": {
"$ref": "SegmentSecurityProfileBindingMap",
"description": "Contains the actual SegmentSecurityProfileBindingMap object",
"required": true,
"title": "SegmentSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfileBindingMap",
"type": "object"
}
ChildService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Service, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildService",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildService"
},
"properties": {
"Service": {
"$ref": "Service",
"description": "Contains the actual Service object.",
"required": true,
"title": "Service"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Service",
"type": "object"
}
ChildServiceEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceEntry, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceEntry"
},
"properties": {
"Service": {
"$ref": "ServiceEntry",
"deprecated": true,
"description": "This is a deprecated property, Please use 'ServiceEntry' instead.",
"title": "ServiceEntry"
},
"ServiceEntry": {
"$ref": "ServiceEntry",
"description": "Contains the actual ServiceEntry object.",
"required": true,
"title": "ServiceEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceEntry",
"type": "object"
}
ChildServiceInstanceEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildServiceInstanceEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInstanceEndpoint"
},
"properties": {
"ServiceInstanceEndpoint": {
"$ref": "ServiceInstanceEndpoint",
"description": "Contains actual ServiceInstanceEndpoint.",
"required": true,
"title": "ServiceInstanceEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInstanceEndpoint",
"type": "object"
}
ChildServiceInterface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInterface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildServiceInterface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInterface"
},
"properties": {
"ServiceInterface": {
"$ref": "ServiceInterface",
"description": "Contains the actual ServiceInterface object.",
"required": true,
"title": "ServiceInterface"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInterface",
"type": "object"
}
ChildServiceReference (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceReference used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildServiceReference",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceReference"
},
"properties": {
"ServiceReference": {
"$ref": "ServiceReference",
"description": "Contains actual ServiceReference.",
"required": true,
"title": "ServiceReference"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceReference",
"type": "object"
}
ChildServiceSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceSegment, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildServiceSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceSegment"
},
"properties": {
"ServiceSegment": {
"$ref": "ServiceSegment",
"description": "Contains the actual ServiceSegment objects",
"required": true,
"title": "ServiceSegments"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SerivceSegment",
"type": "object"
}
ChildSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSessionTimerProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSessionTimerProfileBindingMap"
},
"properties": {
"SessionTimerProfileBindingMap": {
"$ref": "SessionTimerProfileBindingMap",
"description": "Contains the actual SessionTimerProfileBindingMap object",
"required": true,
"title": "SessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SessionTimerProfileBindingMap",
"type": "object"
}
ChildShaDynamicPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaDynamicPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildShaDynamicPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaDynamicPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaDynamicPlugin",
"description": "Contains the actual ShaDynamicPlugin object",
"required": true,
"title": "ShaDynamicPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildShaPluginProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPluginProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildShaPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPluginProfile"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPluginProfile",
"description": "Contains the actual ShaPluginProfile object",
"required": true,
"title": "ShaPluginProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaPluginProfile",
"type": "object"
}
ChildShaPredefinedPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPredefinedPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildShaPredefinedPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPredefinedPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPredefinedPlugin",
"description": "Contains the actual ShaPredefinedPlugin object",
"required": true,
"title": "ShaPredefinedPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildShare (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Share, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildShare",
"module_id": "PolicyShare",
"properties": {
"Share": {
"$ref": "Share",
"description": "Contains the actual Share object",
"required": true,
"title": "Share"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Share",
"type": "object"
}
ChildSharedResource (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SharedResource, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSharedResource",
"module_id": "PolicyShare",
"properties": {
"SharedResource": {
"$ref": "SharedResource",
"description": "Contains the actual SharedResource object",
"required": true,
"title": "SharedResource"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SharedResource",
"type": "object"
}
ChildSite (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Site, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSite",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSite"
},
"properties": {
"Site": {
"$ref": "Site",
"description": "Contains the actual Site object.",
"required": true,
"title": "Site"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Site",
"type": "object"
}
ChildSiteSecuritySetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSiteSecuritySetting",
"module_id": "PolicySiteSecuritySettings",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSiteSecuritySetting"
},
"properties": {
"SiteSecuritySetting": {
"$ref": "SiteSecuritySetting",
"description": "Site specific security configuration.",
"required": true,
"title": "Site Security configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SiteSecuritySetting",
"type": "object"
}
ChildSpoofGuardProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SpoofGuardProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSpoofGuardProfile",
"module_id": "PolicySpoofGuard",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSpoofGuardProfile"
},
"properties": {
"SpoofGuardProfile": {
"$ref": "SpoofGuardProfile",
"description": "Contains the actual SpoofGuardProfile object",
"required": true,
"title": "SpoofGuardProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SpoofGuardProfile",
"type": "object"
}
ChildStandaloneHostIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildStandaloneHostIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStandaloneHostIdfwConfiguration"
},
"properties": {
"StandaloneHostIdfwConfiguration": {
"$ref": "StandaloneHostIdfwConfiguration",
"description": "Contains the actual standalone host idfw configuration object.",
"required": true,
"title": "StandaloneHostIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StandaloneHostIdfwConfiguration",
"type": "object"
}
ChildStaticARPConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticARPConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildStaticARPConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticARPConfig"
},
"properties": {
"StaticARPConfig": {
"$ref": "StaticARPConfig",
"description": "Contains the actual StaticARPConfig object.",
"required": true,
"title": "StaticARPConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticARPConfig",
"type": "object"
}
ChildStaticMimeContent (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Static MIME content, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildStaticMimeContent",
"module_id": "PolicyStaticMimeContent",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticMimeContent"
},
"properties": {
"TlsProfile": {
"$ref": "StaticMimeContent",
"description": "Contains the actual Static MIME content object.",
"required": true,
"title": "Static Mime Content"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child Static MIME content",
"type": "object"
}
ChildStaticRouteBfdPeer (type)
{
"additionalProperties": false,
"description": "Child wrapper for StaticRouteBfdPeer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildStaticRouteBfdPeer",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRouteBfdPeer"
},
"properties": {
"BfdPeer": {
"$ref": "StaticRouteBfdPeer",
"description": "Contains the actual StaticRouteBfdPeer object.",
"required": true,
"title": "Static Route BFD Peer"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRouteBfdPeer",
"type": "object"
}
ChildStaticRoutes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticRoutes, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildStaticRoutes",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRoutes"
},
"properties": {
"StaticRoutes": {
"$ref": "StaticRoutes",
"description": "Contains the actual StaticRoutes object.",
"required": true,
"title": "StaticRoutes"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRoutes",
"type": "object"
}
ChildSubnetConnectionBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper for SubnetConnectionBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildSubnetConnectionBindingMap",
"module_id": "PolicyVpcSubnet",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSubnetConnectionBindingMap"
},
"properties": {
"SubnetConnectionBindingMap": {
"$ref": "SubnetConnectionBindingMap",
"description": "Contains the actual SubnetConnectionBindingMap object.",
"required": true,
"title": "Subnet Connection Binding Map"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SubnetConnectionBindingMap",
"type": "object"
}
ChildTagBulkOperation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TagBulkOperation, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTagBulkOperation",
"module_id": "PolicyTag",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTagBulkOperation"
},
"properties": {
"TagBulkOperation": {
"$ref": "TagBulkOperation",
"description": "Contains actual TagBulkOperation object.",
"required": true,
"title": "TagBulkOperation"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper object for TagBulkOperation",
"type": "object"
}
ChildTier0 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-0, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0"
},
"properties": {
"Tier0": {
"$ref": "Tier0",
"description": "Contains the actual Tier-0 object.",
"required": true,
"title": "Tier-0"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-0",
"type": "object"
}
ChildTier0DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0DeploymentMap"
},
"properties": {
"Tier0DeploymentMap": {
"$ref": "Tier0DeploymentMap",
"description": "Contains the actual Tier0DeploymentMap object.",
"required": true,
"title": "Tier0DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0DeploymentMap",
"type": "object"
}
ChildTier0Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0Interface"
},
"properties": {
"Tier0Interface": {
"$ref": "Tier0Interface",
"description": "Contains the actual Tier0Interface object.",
"required": true,
"title": "Tier0Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0Interface",
"type": "object"
}
ChildTier0InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0InterfaceGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0InterfaceGroup",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0InterfaceGroup"
},
"properties": {
"Tier0InterfaceGroup": {
"$ref": "Tier0InterfaceGroup",
"description": "Contains the actual Tier0InterfaceGroup object.",
"required": true,
"title": "Tier0InterfaceGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0InterfaceGroup",
"type": "object"
}
ChildTier0RouteMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0RouteMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0RouteMap",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0RouteMap"
},
"properties": {
"Tier0RouteMap": {
"$ref": "Tier0RouteMap",
"description": "Contains the actual Tier0RouteMap object",
"required": true,
"title": "Tier0RouteMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0RouteMap",
"type": "object"
}
ChildTier0SecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T0 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier0SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0SecurityFeatures"
},
"properties": {
"Tier0SecurityFeatures": {
"$ref": "Tier0SecurityFeatures",
"description": "Contains the actual TO SecurityFeatures object",
"required": true,
"title": "T0 Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for T0 Security Feature",
"type": "object"
}
ChildTier1 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-1 , used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier1",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1"
},
"properties": {
"Tier1": {
"$ref": "Tier1",
"description": "Contains the actual Tier-1 object.",
"required": true,
"title": "Tier-1"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-1",
"type": "object"
}
ChildTier1DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier1DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1DeploymentMap"
},
"properties": {
"Tier1DeploymentMap": {
"$ref": "Tier1DeploymentMap",
"description": "Contains the actual Tier1DeploymentMap object.",
"required": true,
"title": "Tier1DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1DeploymentMap",
"type": "object"
}
ChildTier1Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier1Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1Interface"
},
"properties": {
"Tier1Interface": {
"$ref": "Tier1Interface",
"description": "Contains the actual Tier1Interface object.",
"required": true,
"title": "Tier1Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1Interface",
"type": "object"
}
ChildTier1InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1InterfaceGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTier1InterfaceGroup",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1InterfaceGroup"
},
"properties": {
"Tier1InterfaceGroup": {
"$ref": "Tier1InterfaceGroup",
"description": "Contains the actual Tier1InterfaceGroup object.",
"required": true,
"title": "Tier1InterfaceGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1InterfaceGroup",
"type": "object"
}
ChildTlsCertificate (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCertificate, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsCertificate",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCertificate"
},
"properties": {
"TlsCertificate": {
"$ref": "TlsCertificate",
"description": "Contains the actual TlsCertificate object.",
"required": true,
"title": "TlsCertificate"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCertificate",
"type": "object"
}
ChildTlsCrl (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCrl, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsCrl",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCrl"
},
"properties": {
"TlsCrl": {
"$ref": "TlsCrl",
"description": "Contains the actual TlsCrl object.",
"required": true,
"title": "TlsCrl"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCrl",
"type": "object"
}
ChildTlsPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLSPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsPolicy",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsPolicy"
},
"properties": {
"TlsPolicy": {
"$ref": "TlsPolicy",
"description": "Contains the actual TLSPolicy object",
"required": true,
"title": "TlsPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsPolicy",
"type": "object"
}
ChildTlsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLS Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsProfile"
},
"properties": {
"TlsProfile": {
"$ref": "TlsProfile",
"description": "Contains the actual TLS profile object.",
"required": true,
"title": "TLS Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child TLS Profile",
"type": "object"
}
ChildTlsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsRule",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsRule"
},
"properties": {
"TlsRule": {
"$ref": "TlsRule",
"description": "Contains the actual TLS Rule object",
"required": true,
"title": "TLS Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildTlsTrustData (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsTrustData, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTlsTrustData",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsTrustData"
},
"properties": {
"TlsTrustData": {
"$ref": "TlsTrustData",
"description": "Contains the actual TlsTrustData object.",
"required": true,
"title": "TlsTrustData"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsTrustData",
"type": "object"
}
ChildTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for TraceflowConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "TraceflowConfig",
"description": "Contains the actual TraceflowConfig object.",
"required": true,
"title": "TraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TraceflowConfig",
"type": "object"
}
ChildTransitGateway (type)
{
"additionalProperties": false,
"description": "Child wrapper object for transit gateway, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTransitGateway",
"module_id": "PolicyTransitGateway",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTransitGateway"
},
"properties": {
"TransitGateway": {
"$ref": "TransitGateway",
"description": "Contains the actual transit gateway object.",
"required": true,
"title": "Policy VPC transit gateway"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for transit gateway",
"type": "object"
}
ChildTransitGatewayAttachment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for transit gateway attachment, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTransitGatewayAttachment",
"module_id": "PolicyTransitGateway",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTransitGatewayAttachment"
},
"properties": {
"TransitGatewayAttachment": {
"$ref": "TransitGatewayAttachment",
"description": "Contains the actual Transit Gateway Attachment object.",
"required": true,
"title": "Policy VPC Transit Gateway Attachment"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for transit gateway attachment",
"type": "object"
}
ChildTransitGatewayNat (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TransitGatewayNat, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTransitGatewayNat",
"module_id": "PolicyTransitGatewayNat",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTransitGatewayNat"
},
"properties": {
"TransitGatewayNat": {
"$ref": "TransitGatewayNat",
"description": "Contains the actual TransitGatewayNAT object",
"required": true,
"title": "TransitGatewayNat"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TransitGatewayNat",
"type": "object"
}
ChildTransitGatewayNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TransitGatewayNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTransitGatewayNatRule",
"module_id": "PolicyTransitGatewayNat",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTransitGatewayNatRule"
},
"properties": {
"TransitGatewayNatRule": {
"$ref": "TransitGatewayNatRule",
"description": "Contains the actual TransitGatewayNatRule object",
"required": true,
"title": "TransitGatewayNatRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TransitGatewayNatRule",
"type": "object"
}
ChildTunnel (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tunnel, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildTunnel",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTunnel"
},
"properties": {
"Tunnel": {
"$ref": "Tunnel",
"description": "Contains the actual Tunnel object.",
"required": true,
"title": "Tunnel"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tunnel",
"type": "object"
}
ChildTypesRequestParameter (type)
{
"description": "Specified child resource types will be populated in the response body",
"id": "ChildTypesRequestParameter",
"module_id": "Policy",
"properties": {
"base_path": {
"description": "Base path of the resource for which user wants to retrieve the hierarchy. This should be the fully qualified path for the resource. - Sample examples - base_path=/infra/domains/default/groups/Group1 base_path=/infra/domains/default/security-policies/SecurityPolicy1/rules/Rule1",
"required": false,
"title": "Base Path for retrieving hierarchical intent",
"type": "string"
},
"filter": {
"description": "Filter string, can contain multiple or single java regular expressions separated by ';'. By default populates immediate child resources of the resource indicated by the URL. These child resources will be filtered by the type provided in the filter. It is recommended to use type_filter parameter instead of filter parameter. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to populate all the Group objects under Infra & Domain: filter=Type-Domain%7CGroup - Sample query string to load every policy object under Infra: filter=Type-.*",
"required": false,
"title": "Filter string as java regex",
"type": "string"
},
"type_filter": {
"description": "Advanced filter string in which user can directly specify the resourceTypes to be filtered. Can be used in conjunction with base_path. - Sample example of type_filter to load all groups - type_filter=Group - Sample example of multiple type_filter - type_filter=Group;SercurityPolicy;RedirectionPolicy - Sample example to load all groups in default domain using base_path in conjunction with type_filter - base_path=/infra/domains/default&type_filter=Group",
"required": false,
"title": "Filter string to retrieve hierarchy.",
"type": "string"
}
},
"title": "Filter to populate child types of the policyConfigResource",
"type": "object"
}
ChildVMTagReplicationPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VMTagReplicationPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVMTagReplicationPolicy",
"module_id": "VMTagReplicationPolicy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVMTagReplicationPolicy"
},
"properties": {
"VMTagReplicationPolicy": {
"$ref": "VMTagReplicationPolicy",
"description": "Contains the actual VMTagReplicationPolicy object",
"required": true,
"title": "VMTagReplicationPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VMTagReplicationPolicy",
"type": "object"
}
ChildVirtualEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VirtualEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVirtualEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVirtualEndpoint"
},
"properties": {
"VirtualEndpoint": {
"$ref": "VirtualEndpoint",
"description": "Contains reference to actual VirtualEndpoint.",
"required": true,
"title": "VirtualEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VirtualEndpoint",
"type": "object"
}
ChildVniPoolConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VniPoolConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVniPoolConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVniPoolConfig"
},
"properties": {
"VniPoolConfig": {
"$ref": "VniPoolConfig",
"description": "Contains the actual VniPoolConfig object.",
"required": true,
"title": "VniPoolConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VniPoolConfig",
"type": "object"
}
ChildVpc (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpc",
"module_id": "PolicyVpc",
"properties": {
"Vpc": {
"$ref": "Vpc",
"description": "Contains the actual VPC object",
"required": true,
"title": "VPC"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC",
"type": "object"
}
ChildVpcAttachment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VpcAttachment, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcAttachment",
"module_id": "PolicyVpc",
"properties": {
"VpcAttachment": {
"$ref": "VpcAttachment",
"description": "Contains the actual VpcAttachment object",
"required": true,
"title": "VpcAttachment"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VpcAttachment",
"type": "object"
}
ChildVpcConnectivityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Connectivity Profile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcConnectivityProfile",
"module_id": "PolicyVpcProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcConnectivityProfile"
},
"properties": {
"VpcConnectivityProfile": {
"$ref": "VpcConnectivityProfile",
"description": "Contains the actual VPC connectivity profile object.",
"required": true,
"title": "VPC Connectivity Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Connectivity Profile",
"type": "object"
}
ChildVpcIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcIpAddressAllocation",
"module_id": "PolicyVpcSubnetIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcIpAddressAllocation"
},
"properties": {
"VpcIpAddressAllocation": {
"$ref": "VpcIpAddressAllocation",
"description": "Contains the actual VpcIpAddressAllocation object",
"required": true,
"title": "VpcIpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VpcIpAddressAllocation",
"type": "object"
}
ChildVpcSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Security Profile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcSecurityProfile",
"module_id": "PolicyVpcSecurityProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcSecurityProfile"
},
"properties": {
"VpcSecurityProfile": {
"$ref": "VpcSecurityProfile",
"description": "Contains the actual Security Profile object.",
"required": true,
"title": "Security Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Security Profile",
"type": "object"
}
ChildVpcServiceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Service Profile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcServiceProfile",
"module_id": "PolicyVpcProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcServiceProfile"
},
"properties": {
"VpcServiceProfile": {
"$ref": "VpcServiceProfile",
"description": "Contains the actual VPC service profile object.",
"required": true,
"title": "VPC Service Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Service Profile",
"type": "object"
}
ChildVpcSubnet (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Subnet, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcSubnet",
"module_id": "PolicyVpcSubnet",
"properties": {
"VpcSubnet": {
"$ref": "VpcSubnet",
"description": "Contains the actual VPC Subnet object",
"required": true,
"title": "VPC Subnet"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Subnet",
"type": "object"
}
ChildVpcSubnetBridgeProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for VpcSubnetBridgeProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcSubnetBridgeProfile",
"module_id": "PolicyVpcSubnet",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcSubnetBridgeProfile"
},
"properties": {
"VpcSubnetBridgeProfile": {
"$ref": "VpcSubnetBridgeProfile",
"description": "Contains the actual VpcSubnetBridgeProfile object.",
"required": true,
"title": "Vpc Subnet Bridge Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VpcSubnetBridgeProfile",
"type": "object"
}
ChildVpcSubnetPort (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Subnet Port, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcSubnetPort",
"module_id": "PolicyVpcSubnet",
"properties": {
"VpcSubnetPort": {
"$ref": "VpcSubnetPort",
"description": "Contains the actual VPC Subnet Port object",
"required": true,
"title": "VPC Subnet Port"
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Subnet Port",
"type": "object"
}
ChildVpcSubnetPortProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VpcSubnetPortProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource"
},
"id": "ChildVpcSubnetPortProfileBindingMap",
"module_id": "PolicyVpcSubnet",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcSubnetPortProfileBindingMap"
},
"properties": {
"VpcSubnetPortProfileBindingMap": {
"$ref": "VpcSubnetPortProfileBindingMap",
"description": "Contains the actual VpcSubnetPortProfileBindingMap object",
"required": true
},
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter",
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VpcSubnetPortProfileBindingMap",
"type": "object"
}
CidrArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of CIDR values",
"extends": {
"$ref": "ConstraintValue"
},
"id": "CidrArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "CidrArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\".",
"items": {
"$ref": "IPElement"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "Array of CIDR Values to perform operation",
"type": "object"
}
CipherSuite (type)
{
"additionalProperties": false,
"id": "CipherSuite",
"module_id": "ApiServiceConfig",
"properties": {
"enabled": {
"required": true,
"title": "Enable status for this cipher suite",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the TLS cipher suite",
"type": "string"
}
},
"title": "HTTP cipher suite",
"type": "object"
}
ClaimMap (type)
{
"description": "Information about how to map a single OIDC ID token claim to one or more NSX roles.",
"id": "ClaimMap",
"module_id": "CertificateManager",
"properties": {
"claim_name": {
"type": "string"
},
"value_to_role_map": {
"items": {
"$ref": "ClaimValueToRoleMap"
},
"type": "array"
}
},
"title": "Claim map",
"type": "object"
}
ClaimValueToRoleMap (type)
{
"descrption": "Information about how to map one value of an OIDC ID token claim to one or more NSX roles.",
"id": "ClaimValueToRoleMap",
"module_id": "CertificateManager",
"properties": {
"claim_value": {
"description": "The value of the claim to map.",
"title": "Claim value",
"type": "string"
},
"roles": {
"description": "The NSX roles that this particular claim value should map to.",
"items": {
"type": "string"
},
"title": "Mapped roles",
"type": "array"
}
},
"title": "Claim value map",
"type": "object"
}
ClasslessStaticRoute (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP classless static route option.",
"id": "ClasslessStaticRoute",
"module_id": "Dhcp",
"properties": {
"network": {
"$ref": "IPElement",
"description": "Destination network in CIDR format.",
"required": true,
"title": "Destination in CIDR"
},
"next_hop": {
"$ref": "IPAddress",
"description": "IP address of next hop of the route.",
"required": true,
"title": "Router"
}
},
"title": "DHCP classless static route option",
"type": "object"
}
ClearPasswordActionParameters (type)
{
"id": "ClearPasswordActionParameters",
"module_id": "Routing",
"properties": {
"action": {
"enum": [
"clear_password"
],
"type": "string"
}
},
"type": "object"
}
ClientAuthType (type)
{
"additionalProperties": false,
"description": "Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored.",
"enum": [
"REQUIRED",
"IGNORE"
],
"id": "ClientAuthType",
"module_id": "LoadBalancer",
"title": "client authentication mode",
"type": "string"
}
ClientSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "ClientSslProfileBinding",
"module_id": "LoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "authentication depth is used to set the verification depth in the client certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the maximum traversal depth of client certificate chain",
"type": "integer"
},
"client_auth": {
"$ref": "ClientAuthType",
"default": "IGNORE",
"required": false,
"title": "client authentication mode"
},
"client_auth_ca_ids": {
"description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA identifier list to verify client certificate",
"type": "array"
},
"client_auth_crl_ids": {
"description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL identifier list to verify client certificate",
"type": "array"
},
"default_certificate_id": {
"description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.",
"required": true,
"title": "default service certificate identifier",
"type": "string"
},
"sni_certificate_ids": {
"description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.",
"items": {
"type": "string"
},
"required": false,
"title": "SNI certificate identifier list",
"type": "array"
},
"ssl_profile_id": {
"description": "Client SSL profile defines reusable, application-independent client side SSL properties.",
"required": false,
"title": "client SSL profile identifier",
"type": "string"
}
},
"type": "object"
}
ClientTypeCollectionConfiguration (type)
{
"id": "ClientTypeCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"client_type": {
"description": "The client type for which this data collection frequency setting applies",
"enum": [
"HYPERVISOR",
"EDGE",
"CONTROL_PLANE",
"CONTROL_PLANE_PLATFORM",
"MANAGEMENT_PLANE",
"MANAGEMENT_PLANE_PLATFORM"
],
"required": true,
"title": "Client Type",
"type": "string"
},
"data_type_configurations": {
"description": "The set of data collection type configurations, one for each data collection type",
"items": {
"$ref": "DataTypeCollectionConfiguration"
},
"required": true,
"title": "Data type configurations",
"type": "array"
}
},
"title": "HPM client data collection configuration",
"type": "object"
}
CloudNativeDeploymentAction (type)
{
"additionalProperties": false,
"description": "Action to be perform on deployment.",
"id": "CloudNativeDeploymentAction",
"module_id": "PolicyCloudNative",
"properties": {
"action": {
"description": "Action can be deploy or undeploy. DEPLOY - Deploy NSX Application Platform charts. UNDEPLOY - Undeploy NSX Application Platform charts. REDEPLOY - Redeploy NSX Application Platform charts. UPDATE_FORMFACTOR - Upgrade NSX Application Platform charts. REDEPLOY_UPDATE_FORMFACTOR - Retry update NSX Application Platform charts. FORCE_UNDEPLOY - Undeploy forcefully. RESTART - Restart deployment. RESET - Reset deployment. RESET_BR_VERSION - Reset version during Backup/Restore.",
"enum": [
"DEPLOY",
"UNDEPLOY",
"REDEPLOY",
"UPDATE_FORMFACTOR",
"REDEPLOY_UPDATE_FORMFACTOR",
"FORCE_UNDEPLOY",
"RESTART",
"RESET",
"RESET_BR_VERSION"
],
"required": true,
"title": "Deployment action",
"type": "string"
}
},
"title": "Action",
"type": "object"
}
CloudNativeDeploymentConfig (type)
{
"additionalProperties": false,
"description": "Configuration for NSX Application Platform deployment.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CloudNativeDeploymentConfig",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_id": {
"description": "Unique id to identify kubernetes guest cluster.",
"required": false,
"title": "Kubernetes cluster id",
"type": "string"
},
"deployment_action": {
"$ref": "CloudNativeDeploymentAction",
"title": "Deployment action"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"kubeconf_info": {
"$ref": "KubeconfigInfo",
"description": "Information about kubeconfig file.",
"title": "Kubeconfig info"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"storage_class": {
"description": "Kubernetes cluster storage class",
"title": "Storage class",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Deployment version in use.",
"title": "Deployment version",
"type": "string"
}
},
"title": "Common configuration for NSX Application Platform deployments",
"type": "object"
}
CloudNativeServiceInstance (type)
{
"additionalProperties": false,
"description": "Stores the information about cloud native service instance.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "CloudNativeServiceInstance",
"module_id": "InventoryCloudObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Id of service instance fetched from public cloud.",
"readonly": true,
"required": true,
"title": "External id of cloud native service instance in the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_type": {
"description": "Type of cloud native service.",
"readonly": true,
"required": true,
"title": "Type of cloud native service; possible values are ELB, RDS",
"type": "string"
},
"source": {
"$ref": "ResourceReference",
"description": "Reference of the public cloud gateway that reported the service instance.",
"readonly": true,
"required": true,
"title": "Reference of the public cloud gateway"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CloudNativeServiceInstanceListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get list of cloud native service instances.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "CloudNativeServiceInstanceListRequestParameters",
"module_id": "InventoryCloudObj",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "Name of cloud native service instance.",
"required": false,
"title": "Display Name of the cloud native service instance",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"service_type": {
"description": "Type of cloud native service.",
"required": false,
"title": "Type of cloud native service; possible values are ELB, RDS",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"description": "NSX node id of the public cloud gateway that reported the service instance.",
"required": false,
"title": "NSX node id of the public cloud gateway that reported the service instance",
"type": "string"
}
},
"type": "object"
}
CloudNativeServiceInstanceListResult (type)
{
"additionalProperties": false,
"description": "Stores a list of cloud native service instances and information about them. NSX supported service instances are currently limited to Relational Database Service (RDS),Elastic Load Balancing (ELB).",
"extends": {
"$ref": "ListResult"
},
"id": "CloudNativeServiceInstanceListResult",
"module_id": "InventoryCloudObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of cloud native service instances",
"items": {
"$ref": "CloudNativeServiceInstance"
},
"required": true,
"title": "CloudNativeServiceInstance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterBackupInfo (type)
{
"additionalProperties": false,
"id": "ClusterBackupInfo",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"description": "IP address or FQDN of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address or FQDN v6 of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IPv6 address or FQDN v6 of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "ID of the node from which the backup was taken",
"type": "string"
},
"restore_type": {
"default": [],
"items": {
"enum": [
"REGULAR_RESTORE",
"POLICY_ONLY_RESTORE"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "Type of restore allowed",
"type": "array",
"uniqueItems": true
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": true,
"title": "timestamp of the cluster backup file"
}
},
"title": "Cluster backup details",
"type": "object"
}
ClusterBackupInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ClusterBackupInfoListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo"
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterCertificateId (type)
{
"additionalProperties": false,
"id": "ClusterCertificateId",
"properties": {
"certificate_id": {
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"title": "Cluster Certificate ID",
"type": "object"
}
ClusterConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource"
},
"id": "ClusterConfig",
"module_id": "ClusterManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cluster_id": {
"readonly": true,
"required": true,
"title": "Unique identifier of this cluster",
"type": "string"
},
"control_cluster_changes_allowed": {
"title": "True if control cluster nodes may be added or removed",
"type": "boolean"
},
"mgmt_cluster_changes_allowed": {
"title": "True if management cluster nodes may be added or removed",
"type": "boolean"
},
"nodes": {
"items": {
"$ref": "ClusterNodeInfo"
},
"title": "Configuration of each node in cluster",
"type": "array"
}
},
"type": "object"
}
ClusterConfiguration (type)
{
"additionalProperties": false,
"description": "The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ClusterConfiguration",
"module_id": "ClusterBootManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_id": {
"description": "UUID of the cluster",
"readonly": true,
"title": "UUID of the cluster",
"type": "string"
},
"config_version": {
"description": "Cluster configuration version.",
"readonly": true,
"title": "Cluster configuration version",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip6_address": {
"title": "Virtual IPv6 address, :: if not configured",
"type": "string"
},
"ip_address": {
"description": "Virtual IP address, 0.0.0.0 if not configured.",
"title": "Virtual IP address",
"type": "string"
},
"nodes": {
"description": "Nodes in the cluster configuration.",
"items": {
"$ref": "CbmClusterNode"
},
"readonly": true,
"title": "Nodes in the cluster configuration",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Cluster configuration",
"type": "object"
}
ClusterControlPlane (type)
{
"description": "Cluster control plane is a hierarchical extension of the NSX-T control plane. It allows NSX to manage multiple clusters. There is an instance of cluster control plane in each managed cluster. The cluster control plane is responsible for the traffic management, span calculation and it can work on its own. NSX-T central control plane distributes high-level network configurations like security policies and groups to cluster control planes, and each cluster control plane computes and realizes the configurations on the managed cluster.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "ClusterControlPlane",
"module_id": "ClusterControlPlane",
"policy_hierarchical_children": [
"ChildAntreaClusterInfo",
"ChildAntreaHeartbeatConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate": {
"description": "This property should be afford in create process.",
"required": false,
"title": "certificate for this cluster control plane",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_id": {
"description": "This property is used to identify the cluster control plane in NSX-T. This id should assigned by NSX-T in create process.",
"required": false,
"title": "Unique Id of the cluster control plane",
"type": "string"
},
"node_type": {
"default": "ANTREA_NODE",
"description": "Indicates node type for ClusterControlPlane. ANTREA_NODE - Default node type. It indicates that the consumer is Antrea Controller. BM_NODE - It indicates that the consumer is Bare Metal Controller.",
"enum": [
"ANTREA_NODE",
"BM_NODE"
],
"required": false,
"title": "Indicates node type for ClusterControlPlane",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vhc_path": {
"description": "This property should be afford in create process for VHC module requirement.",
"required": false,
"title": "vhc path for this cluster control plane",
"type": "string"
}
},
"title": "Cluster Control Plane",
"type": "object"
}
ClusterControlPlaneDeleteRequestParameters (type)
{
"description": "Cluster Control Plane delete request parameters.",
"id": "ClusterControlPlaneDeleteRequestParameters",
"module_id": "ClusterControlPlane",
"properties": {
"cascade": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate if force delete cluster references from the firewall security policies.",
"type": "boolean"
}
},
"title": "Cluster Control Plane Delete Request Parameters",
"type": "object"
}
ClusterControlPlaneListRequestParameters (type)
{
"additionalProperties": false,
"description": "Cluster Control Plane list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "ClusterControlPlaneListRequestParameters",
"module_id": "ClusterControlPlane",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Control Plane List Request Parameters",
"type": "object"
}
ClusterControlPlaneListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "ClusterControlPlaneListResult",
"module_id": "ClusterControlPlane",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "This property include all cluster control Plane in NSX-T.",
"items": {
"$ref": "ClusterControlPlane"
},
"readonly": true,
"required": false,
"title": "Cluster Control Plane Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Control Plane queries result",
"type": "object"
}
ClusterDpuConfig (type)
{
"description": "Specifies configuration of a homogeneous cluster. If this property is set for a cluster, which indicate that this is a homogenous cluster consisting of hosts running ESXio on data processing unit (DPU) from a certain vendor.",
"id": "ClusterDpuConfig",
"module_id": "InventoryCmObj",
"properties": {
"vendor": {
"description": "Specifies the vendor of the data processing unit.",
"readonly": true,
"required": false,
"title": "Vendor of DPU",
"type": "string"
}
},
"title": "Configuration of homogeneous cluster",
"type": "object"
}
ClusterGroupMemberStatus (type)
{
"additionalProperties": false,
"description": "This type contains the attributes and status of a group member.",
"id": "ClusterGroupMemberStatus",
"module_id": "Cluster",
"properties": {
"member_fqdn": {
"format": "hostname",
"readonly": true,
"title": "FQDN of the group member",
"type": "string"
},
"member_ip": {
"format": "ip",
"readonly": true,
"title": "IP of the group member",
"type": "string"
},
"member_ipv6": {
"format": "ip",
"readonly": true,
"title": "IPv6 of the group member",
"type": "string"
},
"member_status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"readonly": true,
"title": "Status of the group member",
"type": "string"
},
"member_uuid": {
"readonly": true,
"title": "UUID of the group member",
"type": "string"
}
},
"title": "Status of a group member",
"type": "object"
}
ClusterGroupServiceLeader (type)
{
"additionalProperties": false,
"description": "Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.",
"id": "ClusterGroupServiceLeader",
"module_id": "Cluster",
"properties": {
"leader_uuid": {
"readonly": true,
"title": "Member UUID of the leader",
"type": "string"
},
"lease_version": {
"readonly": true,
"title": "Number of times the lease has been renewed",
"type": "integer"
},
"service_name": {
"readonly": true,
"title": "Name of the service",
"type": "string"
}
},
"title": "Leader for a service of the group",
"type": "object"
}
ClusterGroupStatus (type)
{
"additionalProperties": false,
"description": "This type contains the attributes and status of a group.",
"id": "ClusterGroupStatus",
"module_id": "Cluster",
"properties": {
"group_id": {
"readonly": true,
"title": "UUID of the group",
"type": "string"
},
"group_status": {
"enum": [
"STABLE",
"DEGRADED",
"UNSTABLE",
"UNAVAILABLE"
],
"readonly": true,
"title": "Group status",
"type": "string"
},
"group_type": {
"enum": [
"MANAGER",
"CONTROLLER",
"POLICY",
"HTTPS",
"DATASTORE",
"CLUSTER_BOOT_MANAGER",
"GLOBAL_MANAGER",
"ASYNC_REPLICATOR",
"MONITORING",
"IDPS_REPORTING",
"CORFU_NONCONFIG",
"CM-INVENTORY",
"MESSAGING-MANAGER"
],
"readonly": true,
"title": "Type of the group",
"type": "string"
},
"leaders": {
"items": {
"$ref": "ClusterGroupServiceLeader"
},
"readonly": true,
"title": "Array of group leaders and their attributes",
"type": "array"
},
"members": {
"items": {
"$ref": "ClusterGroupMemberStatus"
},
"readonly": true,
"title": "Array of group members and their statuses",
"type": "array"
}
},
"title": "Status of a group",
"type": "object"
}
ClusterHostGroup (type)
{
"id": "ClusterHostGroup",
"module_id": "InventoryCmInvComm",
"properties": {
"host_group_name": {
"readonly": true,
"required": false,
"title": "Name of a host group",
"type": "string"
},
"hosts": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Hosts of a group",
"type": "array"
}
},
"title": "Cluster host group",
"type": "object"
}
ClusterInitializationNodeInfo (type)
{
"additionalProperties": false,
"description": "The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).",
"id": "ClusterInitializationNodeInfo",
"module_id": "ClusterManagement",
"properties": {
"disk_store_id": {
"readonly": true,
"required": false,
"title": "The (internal) disk-store ID of the member",
"type": "string"
},
"host_address": {
"readonly": true,
"title": "The IP address (or domain name) of the cluster node",
"type": "string"
}
},
"type": "object"
}
ClusterMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "ClusterMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"readonly": true,
"required": true,
"title": "The Antrea cluster id of the pod",
"type": "string"
},
"cluster_name": {
"readonly": true,
"required": true,
"title": "The Antrea cluster name of the pod",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "NamespaceMemberDetails"
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
ClusterNodeConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "ClusterNodeConfig",
"module_id": "ClusterManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"appliance_mgmt_ipv6_listen_addr": {
"readonly": true,
"title": "The IPv6 address for the appliance management API service on this node",
"type": "string"
},
"appliance_mgmt_listen_addr": {
"readonly": true,
"title": "The IP and port for the appliance management API service on this node",
"type": "string"
},
"controller_role": {
"$ref": "ControllerClusterRoleConfig",
"required": false
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"title": "Internal identifier provided by the node",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"manager_role": {
"$ref": "ManagementClusterRoleConfig",
"required": false
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ClusterNodeConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ClusterNodeConfigListResult",
"module_id": "ClusterManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterNodeConfig"
},
"required": true,
"title": "Cluster node configuration results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterNodeInfo (type)
{
"id": "ClusterNodeInfo",
"module_id": "ClusterManagement",
"properties": {
"api_listen_addr": {
"$ref": "ServiceEndpoint",
"readonly": true,
"title": "The IP and port for the public API service on this node"
},
"appliance_connection_info": {
"$ref": "ServiceEndpoint",
"readonly": true,
"title": "The IP, port and certificate for connecting to appliance."
},
"certificates": {
"items": {
"$ref": "NodeCertificateInfo"
},
"title": "Certificate and thumbprint of all entities",
"type": "array"
},
"control_plane_listen_addr": {
"$ref": "ServiceEndpoint",
"readonly": true,
"title": "The IP and port for the control plane service on this node"
},
"display_name": {
"title": "The display name of this node",
"type": "string"
},
"entities": {
"items": {
"$ref": "NodeEntityInfo"
},
"title": "Service endpoint of all entities",
"type": "array"
},
"fqdn": {
"title": "The fqdn of this node",
"type": "string"
},
"msg_clients": {
"items": {
"$ref": "NodeMessagingClientInfo"
},
"title": "Messaging client of all entities",
"type": "array"
},
"node_uuid": {
"readonly": true,
"required": true,
"title": "Unique identifier of this node",
"type": "string"
},
"status": {
"enum": [
"JOINING",
"JOINED",
"REMOVING",
"REMOVED"
],
"readonly": true,
"required": true,
"title": "Node clustering status",
"type": "string"
}
},
"type": "object"
}
ClusterNodeRole (type)
{
"description": "Enumerates the roles that can be specified in VM auto-deployment.",
"enum": [
"CONTROLLER",
"MANAGER"
],
"id": "ClusterNodeRole",
"module_id": "ClusterNodeVMDeployment",
"title": "Cluster node role",
"type": "string"
}
ClusterNodeStatus (type)
{
"additionalProperties": false,
"id": "ClusterNodeStatus",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_status": {
"$ref": "ControlClusterNodeStatus",
"readonly": true,
"title": "Clustering status for control plane functions on this node"
},
"mgmt_cluster_status": {
"$ref": "ManagementClusterNodeStatus",
"readonly": true,
"title": "Clustering status for management plane functions on this node"
},
"system_status": {
"$ref": "NodeStatusProperties",
"readonly": true,
"title": "Node status properties"
},
"version": {
"readonly": true,
"title": "Software version running on node",
"type": "string"
}
},
"type": "object"
}
ClusterNodeVMDeletionParameters (type)
{
"description": "Parameters for deletion of a cluster node VM.",
"id": "ClusterNodeVMDeletionParameters",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"force_delete": {
"description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.",
"title": "Delete by force",
"type": "boolean"
}
},
"title": "Parameters for DeleteAutoDeployedClusterNodeVM",
"type": "object"
}
ClusterNodeVMDeploymentConfig (type)
{
"description": "Contains info used to configure the VM on deployment",
"id": "ClusterNodeVMDeploymentConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM",
"enum": [
"VsphereClusterNodeVMDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
}
},
"title": "Configuration for deploying cluster node VM",
"type": "object"
}
ClusterNodeVMDeploymentRequest (type)
{
"additionalProperties": false,
"description": "Contains the deployment information for a cluster node VM soon to be deployed or already deployed by the Manager",
"id": "ClusterNodeVMDeploymentRequest",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_config": {
"$ref": "ClusterNodeVMDeploymentConfig",
"description": "Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM.",
"required": true,
"title": "Deployment config for cluster node VM"
},
"form_factor": {
"$ref": "ClusterNodeVMFormFactor",
"default": "MEDIUM",
"description": "Specifies the desired \"size\" of the VM",
"required": false,
"title": "Form factor for cluster node VMs"
},
"roles": {
"description": "List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now.",
"items": {
"$ref": "ClusterNodeRole"
},
"required": true,
"title": "Cluster node roles of the VM",
"type": "array"
},
"user_settings": {
"$ref": "NodeUserSettings",
"description": "Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect.",
"required": true,
"sensitive": true,
"title": "User settings for the VM"
},
"vm_id": {
"description": "ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"required": false,
"title": "ID of VM used to recognize it",
"type": "string"
}
},
"title": "Info for an auto-deployment request",
"type": "object"
}
ClusterNodeVMDeploymentRequestList (type)
{
"additionalProperties": false,
"description": "List of ClusterNodeVMDeploymentRequests",
"extends": {
"$ref": "ListResult"
},
"id": "ClusterNodeVMDeploymentRequestList",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing ClusterNodeVMDeploymentRequests",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest"
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ClusterNodeVMDeploymentRequest list",
"type": "object"
}
ClusterNodeVMDeploymentStatusReport (type)
{
"description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.",
"id": "ClusterNodeVMDeploymentStatusReport",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_progress_state": {
"$ref": "VMDeploymentProgressState",
"description": "Detailed progress state of node VM deployment realization",
"readonly": true,
"required": false,
"title": "Deployment progress state of node VM"
},
"failure_code": {
"description": "In case of auto-deployment-related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case of auto-deployment-related failure, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the addition or deletion of an auto-deployed cluster node VM.",
"enum": [
"UNKNOWN_STATE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"WAITING_TO_REGISTER_VM",
"VM_REGISTRATION_FAILED",
"VM_WAITING_TO_CLUSTER",
"VM_WAITING_TO_COME_ONLINE",
"VM_ONLINE_FAILED",
"VM_CLUSTERING_IN_PROGRESS",
"VM_CLUSTERING_FAILED",
"VM_CLUSTERING_SUCCESSFUL",
"WAITING_TO_UNDEPLOY_VM",
"VM_DECLUSTER_IN_PROGRESS",
"VM_DECLUSTER_FAILED",
"VM_DECLUSTER_SUCCESSFUL",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL"
],
"required": true,
"title": "Auto-deployed VM's deployment status",
"type": "string"
}
},
"title": "Report of a VM's deployment status",
"type": "object"
}
ClusterNodeVMFormFactor (type)
{
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE"
],
"id": "ClusterNodeVMFormFactor",
"module_id": "ClusterNodeVMDeployment",
"title": "Supported VM form factor for cluster nodes",
"type": "string"
}
ClusterProfile (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "ClusterProfile",
"module_id": "ClusterProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType",
"help_summary": "The cluster profile type.",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ClusterProfileListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ClusterProfileListParameters",
"module_id": "ClusterProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_system_owned": {
"default": true,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"$ref": "ClusterProfileType",
"required": false,
"title": "Type of cluster profile"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ClusterProfile List Parameters",
"type": "object"
}
ClusterProfileListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "ClusterProfileListResult",
"module_id": "ClusterProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterProfile"
},
"readonly": true,
"required": false,
"title": "Cluster Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Profile queries result",
"type": "object"
}
ClusterProfileType (type)
{
"enum": [
"EdgeHighAvailabilityProfile",
"BridgeHighAvailabilityClusterProfile"
],
"id": "ClusterProfileType",
"module_id": "ClusterProfile",
"title": "Supported cluster profiles.",
"type": "string"
}
ClusterProfileTypeIdEntry (type) (Deprecated)
{
"deprecated": true,
"id": "ClusterProfileTypeIdEntry",
"module_id": "ClusterProfile",
"properties": {
"profile_id": {
"description": "key value",
"readonly": false,
"required": true,
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType"
}
},
"type": "object"
}
ClusterRestoreStatus (type)
{
"id": "ClusterRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"allowed_actions": {
"default": [],
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of actions that are allowed.",
"type": "array",
"uniqueItems": true
},
"backup_timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Timestamp when backup was initiated in epoch millisecond"
},
"endpoints": {
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"required": true,
"title": "The list of allowed endpoints, based on the current state of\nthe restore process\n",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "Unique id for backup request",
"type": "string"
},
"instructions": {
"items": {
"$ref": "InstructionInfo"
},
"readonly": true,
"required": false,
"title": "Instructions for users to reconcile Restore operations",
"type": "array"
},
"not_allowed_actions": {
"default": [],
"items": {
"enum": [
"VC_UPDATES"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of actions that are not allowed",
"type": "array",
"uniqueItems": true
},
"restore_end_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Timestamp when restore was completed in epoch millisecond"
},
"restore_start_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Timestamp when restore was started in epoch millisecond"
},
"status": {
"$ref": "GlobalRestoreStatus"
},
"step": {
"$ref": "RestoreStep"
},
"total_steps": {
"readonly": true,
"required": false,
"title": "Total number of steps in the entire restore process",
"type": "integer"
}
},
"title": "Cluster restore status",
"type": "object"
}
ClusterRestoreStatusRequestParameters (type)
{
"id": "ClusterRestoreStatusRequestParameters",
"properties": {
"restore_component": {
"default": "LOCAL_MANAGER",
"enum": [
"LOCAL_MANAGER",
"GLOBAL_MANAGER"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
ClusterRoleConfig (type)
{
"additionalProperties": false,
"id": "ClusterRoleConfig",
"module_id": "ClusterManagement",
"properties": {
"type": {
"enum": [
"ManagementClusterRoleConfig",
"ControllerClusterRoleConfig"
],
"readonly": true,
"required": true,
"title": "Type of this role configuration",
"type": "string"
}
},
"type": "object"
}
ClusterStatus (type)
{
"additionalProperties": false,
"id": "ClusterStatus",
"module_id": "ClusterManagement",
"properties": {
"cluster_id": {
"readonly": true,
"title": "Unique identifier of this cluster",
"type": "string"
},
"control_cluster_status": {
"$ref": "ControllerClusterStatus",
"deprecated": true,
"readonly": true,
"title": "The current status of the control cluster"
},
"detailed_cluster_status": {
"$ref": "AllClusterGroupStatus",
"readonly": true,
"title": "Status of all the cluster groups"
},
"mgmt_cluster_status": {
"$ref": "ManagementClusterStatus",
"deprecated": true,
"readonly": true,
"title": "The current status of the management cluster"
},
"node_services_status": {
"$ref": "NodeServicesStatus",
"readonly": true,
"title": "Status of all node level services"
},
"overall_status": {
"enum": [
"STABLE",
"DEGRADED",
"UNAVAILABLE"
],
"readonly": true,
"title": "Aggregated status of node services and clustered services",
"type": "string"
}
},
"type": "object"
}
ClusterVirtualIpProperties (type)
{
"additionalProperties": false,
"id": "ClusterVirtualIpProperties",
"properties": {
"force": {
"default": "false",
"enum": [
"true",
"false"
],
"title": "On enable it ignores duplicate address detection and DNS lookup validation check",
"type": "string"
},
"ip6_address": {
"title": "Virtual IPv6 address, :: if not configured",
"type": "string"
},
"ip_address": {
"title": "Virtual IP address, 0.0.0.0 if not configured",
"type": "string"
}
},
"title": "Cluster virtual IP properties",
"type": "object"
}
ClusteringConfig (type)
{
"description": "Configuration for automatically joining a cluster node to the cluster after it is deployed. ClusteringConfig is required if any of the deployment nodes has CONTROLLER role.",
"id": "ClusteringConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "clustering_type"
},
"properties": {
"clustering_type": {
"description": "Specifies the type of clustering config to be used.",
"enum": [
"ControlClusteringConfig"
],
"required": true,
"title": "Type for the clustering config",
"type": "string"
}
},
"title": "Configuration for VM's clustering",
"type": "object"
}
ClusteringInfo (type)
{
"description": "Clustering parameters for the controller cluster",
"id": "ClusteringInfo",
"module_id": "ClusterManagement",
"properties": {
"join_to_existing_cluster": {
"description": "Property to indicate if the node must join an existing cluster.",
"required": true,
"title": "True If the controller node should join an existing cluster",
"type": "boolean"
},
"shared_secret": {
"description": "Shared secret of the cluster.",
"required": true,
"sensitive": true,
"title": "Shared Secret of the cluster",
"type": "secure_string"
}
},
"type": "object"
}
ClusteringStatus (type)
{
"enum": [
"CONNECTED",
"DISCONNECTED",
"UNKNOWN"
],
"id": "ClusteringStatus",
"module_id": "ClusterManagement",
"type": "string"
}
ClustersAggregateInfo (type)
{
"additionalProperties": false,
"id": "ClustersAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"cluster_status": {
"$ref": "AllClusterGroupStatus",
"title": "Status of all the cluster groups"
},
"controller_cluster": {
"items": {
"$ref": "ControllerNodeAggregateInfo"
},
"required": true,
"title": "Array of Controller Nodes",
"type": "array"
},
"management_cluster": {
"items": {
"$ref": "ManagementNodeAggregateInfo"
},
"required": true,
"title": "Array of Management Nodes",
"type": "array"
}
},
"type": "object"
}
CmThumbprintHashingConfig (type)
{
"additionalProperties": false,
"id": "CmThumbprintHashingConfig",
"module_id": "InventoryCmObj",
"properties": {
"hashing_algorithm_type": {
"description": "This specifies the hashing algorithm to be used for stamping NSX manager thumbprint in compute manager extension. e.g. When a vCenter is registered as compute manager, thumbprint of NSX manager certificate is stamped in NSXT extension on vCenter. If algorithm type is SHA1, then SHA1 thumbprint of NSX manager API certificate is stamped. If algorithm type is SHA256, then SHA256 thumbprint of NSX manager certificate is stamped. Changing this setting to SHA256 will result in communication issues between WCP component in VC and NSX manager. Hence it is recommended not to use SHA256 if VC WCP feature is being used with NSX.",
"enum": [
"SHA1",
"SHA256"
],
"readonly": false,
"required": true,
"title": "Algorithm type for thumbprint hashing",
"type": "string"
}
},
"type": "object"
}
CollectConfigWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Collect config for the requested workflow spec.",
"extends": {
"$ref": "WorkflowSpec"
},
"id": "CollectConfigWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "CollectConfigWorkflowSpec"
},
"properties": {
"type": {
"$ref": "WorkflowSpecType",
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
},
"workflow_resource": {
"$ref": "WorkflowResource",
"readonly": false,
"required": true
}
},
"title": "Collect Config Workflow spec",
"type": "object"
}
ColorCode (type)
{
"description": "Color code.",
"enum": [
"GREEN",
"YELLOW",
"RED"
],
"id": "ColorCode",
"module_id": "OverlayAdoption",
"title": "Color code",
"type": "string"
}
ColoredMessage (type)
{
"description": "A message with a color that shows the message's severity or priority.",
"id": "ColoredMessage",
"module_id": "OverlayAdoption",
"properties": {
"color": {
"$ref": "ColorCode",
"default": "YELLOW",
"description": "The message color that shows the message's severity or priority.",
"readonly": true,
"required": false,
"title": "The message color that shows the message's severity or priority"
},
"message": {
"description": "A string message.",
"readonly": true,
"required": false,
"title": "A string message",
"type": "string"
}
},
"title": "A message with a color",
"type": "object"
}
ColumnItem (type)
{
"additionalProperties": false,
"description": "Represents a column of the Grid",
"id": "ColumnItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"column_identifier": {
"description": "Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns.",
"title": "Identifier for this column",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "Field from which values of the column will be derived.",
"maxLength": 1024,
"required": true,
"title": "Column Field",
"type": "string"
},
"hidden": {
"default": false,
"description": "If set to true, hides the column",
"title": "Hide the column",
"type": "boolean"
},
"label": {
"$ref": "Label",
"description": "Label of the column.",
"readonly": false,
"required": true,
"title": "Column Label"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Render configuration to be applied, if any.",
"items": {
"$ref": "RenderConfiguration"
},
"title": "Render Configuration",
"type": "array"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_key": {
"description": "Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested.",
"maxLength": 255,
"title": "Key for sorting on this column",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over a cell in the grid.",
"items": {
"$ref": "Tooltip"
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"default": "String",
"description": "Data type of the field.",
"enum": [
"String",
"Number",
"Date"
],
"maxLength": 255,
"required": true,
"title": "Field data type",
"type": "string"
}
},
"title": "Grid Column",
"type": "object"
}
CommonAgentEndpointInfo (type)
{
"description": "An endpoint to connect to Kafka/ingress of the NSX Application Platform. Either FQDN or IP address can be used in the endpoint info.",
"id": "CommonAgentEndpointInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"address": {
"description": "The IP address or the full qualified domain name of Kafka broker/ingress.",
"format": "hostname-or-ip",
"required": true,
"title": "address",
"type": "string"
},
"port": {
"description": "The port number where the broker is listening to.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "port number",
"type": "integer"
}
},
"title": "NSX Application Platform Kafka/ingress endpoints",
"type": "object"
}
CommonAgentHostConfigurationInfo (type)
{
"description": "NSX Application Platform Common Agent configuration that can be applied to host nodes.",
"extends": {
"$ref": "ManagedResource"
},
"id": "CommonAgentHostConfigurationInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ingress_certificate": {
"description": "A ingress certificate to verify the identity of brokers.",
"required": false,
"title": "Broker certificate",
"type": "string"
},
"ingress_endpoint": {
"description": "List of NSX Application Platform ingress endpoints that host nodes contact initially.",
"items": {
"$ref": "CommonAgentEndpointInfo"
},
"required": false,
"title": "List of NSX Application Platform ingress endpoints",
"type": "array"
},
"kafka_certificate": {
"description": "A Kafka broker certificate to verify the identity of brokers.",
"required": false,
"title": "Broker certificate",
"type": "string"
},
"kafka_endpoint": {
"description": "List of NSX Application Platform broker endpoints that host nodes contact initially.",
"items": {
"$ref": "CommonAgentEndpointInfo"
},
"required": false,
"title": "List of NSX Application Platform Kafka broker endpoints",
"type": "array"
},
"nsx_cluster_id": {
"description": "Cluster id of the NSX Manager cluster.",
"required": false,
"title": "Cluster id of the NSX Manager cluster",
"type": "string"
},
"private_ip_range": {
"description": "List of private IP prefix that NSX Application Platform Common Agent network flow is collected from.",
"items": {
"$ref": "CommonAgentPrivateIpRangeInfo"
},
"required": false,
"title": "List of private IP prefix",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "Site id of the local manager.",
"required": false,
"title": "Site id of the local manager",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"truststore": {
"description": "A truststore to establish the trust between NSX and NSX Application Platform.",
"required": false,
"title": "truststore",
"type": "string"
}
},
"title": "NSX Application Platform Common Agent host configuration",
"type": "object"
}
CommonAgentPrivateIpRangeInfo (type)
{
"description": "An IP prefix to mark the private network that NSX Application Platform Common Agent network flow is collected from.",
"id": "CommonAgentPrivateIpRangeInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"address": {
"$ref": "IPAddress",
"description": "The prefix of IP address that marks the range of private network.",
"required": true,
"title": "IP address"
},
"address_type": {
"description": "The type of IP address.",
"enum": [
"IPV4",
"IPV6"
],
"required": true,
"title": "IP address type",
"type": "string"
},
"prefix_length": {
"description": "The length of IP address prefix that marks the range of private network.",
"maximum": 128,
"minimum": 1,
"required": true,
"title": "IP prefix length",
"type": "integer"
}
},
"title": "NSX Application Platform Common Agent private IP prefix",
"type": "object"
}
CommonUploadFile (type)
{
"additionalProperties": false,
"description": "To upload file content example kubeconfig or Kubernetes tools.",
"extends": {
"$ref": "NoRestRequestParameters"
},
"id": "CommonUploadFile",
"module_id": "PolicyCloudNative",
"properties": {
"file": {
"description": "Kubeconfig or Kubernetes tools file to be imported.",
"required": true,
"title": "File to upload",
"type": "multipart_file"
}
},
"title": "To upload kubeconfig or Kubernetes tools",
"type": "object"
}
CommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CommunicationEntry",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services.",
"enum": [
"ALLOW",
"DROP",
"REJECT"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array"
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number",
"required": false,
"title": "Sequence number of the this CommunicationEntry",
"type": "int"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array"
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"required": false,
"title": "Tag applied on the communication entry",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A communication entry specifies the security policy between the workload groups",
"type": "object"
}
CommunicationEntryInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication entry w.r.t to another one in the same communication map. If the communication entry specified in the anchor_path belongs to another communication map an error will be thrown This type is deprecated. Use the type RuleInsertParameters instead.",
"extends": {
"$ref": "CommunicationInsertParameters"
},
"id": "CommunicationEntryInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication entry needs to be placed",
"type": "object"
}
CommunicationEntryListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type RuleListRequestParameters instead.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "CommunicationEntryListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CommunicationEntry list request parameters",
"type": "object"
}
CommunicationEntryListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type RuleListResult instead.",
"extends": {
"$ref": "ListResult"
},
"id": "CommunicationEntryListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunicationEntry"
},
"required": true,
"title": "CommunicationEntry list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of CommunicationEntries",
"type": "object"
}
CommunicationInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication map or communication entry w.r.t to another one. This type is deprecated. Use the type RuleInsertParameters instead.",
"id": "CommunicationInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication map/communication entry\nneeds to be placed\n",
"type": "object"
}
CommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Ordered list of CommunicationEntries. This object is created by default along with the Domain. This type is deprecated. Use the type SecurityPolicy instead.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CommunicationMap",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildCommunicationEntry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are \"Emergency\", \"Infrastructure\", \"Environment\" and \"Application\". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories.",
"required": false,
"title": "A way to classify a communication map, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"communication_entries": {
"items": {
"$ref": "CommunicationEntry"
},
"required": false,
"title": "CommunicationEntries that are a part of this CommunicationMap",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"precedence": {
"description": "This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence",
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of CommunicationEntries",
"type": "object"
}
CommunicationMapInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication map w.r.t to another one. This type is deprecated. Use the type SecurityPolicyInsertParameters instead.",
"extends": {
"$ref": "CommunicationInsertParameters"
},
"id": "CommunicationMapInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication map needs to be placed",
"type": "object"
}
CommunicationMapListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "CommunicationMapListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CommunicationMap list request parameters",
"type": "object"
}
CommunicationMapListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type SecurityPolicyListResult instead.",
"extends": {
"$ref": "ListResult"
},
"id": "CommunicationMapListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunicationMap"
},
"required": true,
"title": "CommunicationMap list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Communication map",
"type": "object"
}
CommunityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CommunityList",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"communities": {
"description": "List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "List of BGP community entries",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Community list for BGP routing configuration",
"type": "object"
}
CommunityListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CommunityListListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunityList"
},
"required": true,
"title": "CommunityList results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of CommunityLists",
"type": "object"
}
CommunityMatchCriteria (type)
{
"additionalProperties": false,
"id": "CommunityMatchCriteria",
"module_id": "PolicyConnectivity",
"properties": {
"criteria": {
"description": "Match criteria specified as a community list path or a regular expression.",
"required": true,
"title": "Match criteria based on community list path or a regular expression",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0RouteMap"
],
"relationshipType": "ROUTEMAP_COMMUNITY_LIST_RELATIONSHIP",
"rightType": [
"CommunityList"
]
}
]
},
"match_operator": {
"description": "Match operator for community list entries. Not valid when a regular expression is specified for criteria.",
"enum": [
"MATCH_ANY",
"MATCH_ALL",
"MATCH_EXACT",
"MATCH_COMMUNITY_REGEX",
"MATCH_LARGE_COMMUNITY_REGEX"
],
"required": false,
"title": "Match operator for community list entries",
"type": "string"
}
},
"title": "Match criteria based on a community list",
"type": "object"
}
CommunityMatchExpression (type)
{
"additionalProperties": false,
"id": "CommunityMatchExpression",
"module_id": "Routing",
"properties": {
"expression": {
"items": {
"$ref": "CommunityMatchOperation"
},
"required": true,
"title": "Array of community match operations",
"type": "array"
},
"operator": {
"description": "Operator for evaluating community match expressions. AND logical AND operator",
"enum": [
"AND"
],
"readonly": true,
"title": "Operator",
"type": "string"
}
},
"title": "Community match expression",
"type": "object"
}
CommunityMatchOperation (type)
{
"additionalProperties": false,
"id": "CommunityMatchOperation",
"module_id": "Routing",
"properties": {
"community_list_id": {
"description": "ID of BGP community list. This value is not required when match_operator is MATCH_REGEX otherwise required.",
"title": "Community list id",
"type": "string"
},
"match_operator": {
"default": "MATCH_ANY",
"description": "Match operator for communities from provided community list id. MATCH_ANY will match any community MATCH_ALL will match all communities MATCH_EXACT will do exact match on community MATCH_NONE [operator not supported] will not match any community MATCH_REGEX will match normal communities by evaluating regular expression MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating regular expression",
"enum": [
"MATCH_ANY",
"MATCH_ALL",
"MATCH_EXACT",
"MATCH_NONE",
"MATCH_REGEX",
"MATCH_LARGE_COMMUNITY_REGEX"
],
"title": "Match operator",
"type": "string"
},
"regular_expression": {
"description": "Regular expression to match BGP communities. If match_operator is MATCH_REGEX then this value must be specified.",
"title": "Regular expression",
"type": "string"
}
},
"title": "Community match operation",
"type": "object"
}
ComponentConditionItem (type)
{
"additionalProperties": false,
"description": "This indicate component health condition and the reason why not healthy.",
"id": "ComponentConditionItem",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"condition_type": {
"$ref": "ComponentConditionType",
"description": "Indicate which component condition it is.",
"readonly": true,
"title": "Antrea Component condition type"
},
"last_heartbeat_time": {
"$ref": "EpochMsTimestamp",
"description": "Time unit is millisecond.",
"title": "Last heartbeat time"
},
"message": {
"description": "Additional condition information.",
"title": "Antrea Component condition message",
"type": "string"
},
"reason": {
"description": "Indicate why not healthy.",
"title": "Reason of unhealthy status",
"type": "string"
},
"status": {
"$ref": "ConditionStatus",
"description": "Indicate healthy or unhealthy.",
"title": "Component condition status"
}
},
"title": "Antrea Component condition",
"type": "object"
}
ComponentConditionType (type)
{
"description": "Antrea Component condition names collection.",
"enum": [
"CONTROLLER_HEALTHY",
"MP_ADAPTER_HEALTHY",
"MP_CONNECTED",
"CCP_ADAPTER_HEALTHY",
"CCP_SESSION_STATE_UP"
],
"id": "ComponentConditionType",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component condition",
"type": "string"
}
ComponentHealthMetric (type)
{
"id": "ComponentHealthMetric",
"module_id": "Heatmap",
"properties": {
"data_type": {
"description": "Health metric data type.",
"enum": [
"INTEGER",
"DOUBLE",
"STRING",
"BOOL",
"TIMESTAMP"
],
"title": "Data type",
"type": "string"
},
"name": {
"description": "Health metric name.",
"title": "Name",
"type": "string"
},
"unit": {
"description": "Health metric unit.",
"enum": [
"BYTES",
"PERCENT",
"MILLISECOND",
"MICROSECOND"
],
"title": "Unit",
"type": "string"
},
"value": {
"description": "Health metric value.",
"title": "Value",
"type": "string"
}
},
"type": "object"
}
ComponentMigrationStatus (type)
{
"additionalProperties": false,
"id": "ComponentMigrationStatus",
"module_id": "Migration",
"properties": {
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the migration of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the migration status",
"type": "string"
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the migration status",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Migration status of component",
"type": "string"
}
},
"type": "object"
}
ComponentStatus (type)
{
"description": "Antrea Component status enum. If lose connection, status will be UNKNOWN",
"enum": [
"HEALTHY",
"DEGRADED",
"FAILED",
"UNKNOWN"
],
"id": "ComponentStatus",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component status",
"type": "string"
}
ComponentTargetVersion (type)
{
"id": "ComponentTargetVersion",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": true,
"required": true,
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
ComponentTypeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ComponentTypeListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type on which the action is performed or on which the results are filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeChecksInfo (type)
{
"additionalProperties": false,
"description": "Meta-data of pre/post-upgrade checks for a component",
"id": "ComponentUpgradeChecksInfo",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the pre/post-upgrade checks",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"post_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo"
},
"required": false,
"title": "Collection of post-upgrade checks",
"type": "array"
},
"pre_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo"
},
"required": false,
"title": "Collection of pre-upgrade checks",
"type": "array"
}
},
"title": "Meta-data of pre/post-upgrade checks for a component",
"type": "object"
}
ComponentUpgradeChecksInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ComponentUpgradeChecksInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComponentUpgradeChecksInfo"
},
"required": true,
"title": "Collection of info of pre/post-upgrade checks for components",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeStatus (type)
{
"additionalProperties": false,
"id": "ComponentUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList",
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus",
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"type": "object"
}
ComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"description": "Idfw configuration for activate/deactivate idfw on cluster level.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "ComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_idfw_enabled": {
"description": "If set to true, idfw is enabled for this cluster",
"readonly": false,
"required": true,
"title": "Idfw enabled flag",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_stale": {
"description": "If set to true, this cluster has been deleted from NSX.",
"readonly": true,
"title": "Cluster stale flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member": {
"$ref": "PolicyResourceReference",
"description": "Contains actual policy resource reference object",
"required": true,
"title": "PolicyResourceReference"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Compute cluster idfw configuration",
"type": "object"
}
ComputeClusterIdfwConfigurationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ComputeClusterIdfwConfigurationListRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute cluster idfw configuration request parameters",
"type": "object"
}
ComputeClusterIdfwConfigurationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ComputeClusterIdfwConfigurationListResult",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeClusterIdfwConfiguration"
},
"required": true,
"title": "Compute cluster wise identity firewall configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of compute cluster idfw configuration",
"type": "object"
}
ComputeCollection (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ComputeCollection",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the compute collection in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu_config": {
"$ref": "ClusterDpuConfig",
"description": "Specifies property related to cluster homogeneity for SmartNic",
"readonly": true,
"required": false,
"title": "Configuration of homogeneous cluster"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n",
"type": "string"
},
"host_groups": {
"description": "List of host groups for a cluster",
"items": {
"$ref": "ClusterHostGroup"
},
"readonly": true,
"required": false,
"title": "Host groups",
"type": "array"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this Compute Collection was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair"
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of\ncompute collection in the Compute Manager\n",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": true,
"title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n",
"type": "string"
},
"owner_id": {
"readonly": true,
"required": false,
"title": "Id of the owner of compute collection in the Compute Manager",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the compute collection. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when compute collection prepared by that nsx. OTHER applies to when compute collection prepared by other nsx. MULTIPLE applies to when compute collection tried to prepare by multiple nsx at a time. NONE applies to when compute collection is not prepared by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the compute collection",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ComputeCollectionAction (type)
{
"additionalProperties": false,
"id": "ComputeCollectionAction",
"module_id": "ComputeCollectionDeployment",
"properties": {
"action": {
"description": "For Compute collection, the supported actions are: - remove_nsx: removes NSX from the cluster",
"enum": [
"remove_nsx"
],
"title": "Supported actions on compute-collection",
"type": "string"
}
},
"title": "Compute collection action parameters",
"type": "object"
}
ComputeCollectionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ComputeCollectionListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cm_local_id": {
"required": false,
"title": "Local Id of the compute collection in the Compute Manager",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_node_id": {
"required": false,
"title": "Id of the discovered node which belongs to this Compute Collection\n",
"type": "string"
},
"display_name": {
"required": false,
"title": "Name of the ComputeCollection in source compute manager",
"type": "string"
},
"external_id": {
"required": false,
"title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_id": {
"required": false,
"title": "Id of the fabric node created from a discovered node belonging to\nthis Compute Collection\n",
"type": "string"
},
"origin_id": {
"required": false,
"title": "Id of the compute manager from where this Compute Collection was discovered",
"type": "string"
},
"origin_type": {
"required": false,
"title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n",
"type": "string"
},
"owner_id": {
"required": false,
"title": "Id of the owner of compute collection in the Compute Manager",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute Collection list parameters",
"type": "object"
}
ComputeCollectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ComputeCollectionListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeCollection"
},
"required": true,
"title": "Compute Collection list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute Collection list result",
"type": "object"
}
ComputeCollectionNetworkInterfacesListResult (type)
{
"description": "List of network interfaces for all discovered nodes in compute collection",
"extends": {
"$ref": "ListResult"
},
"id": "ComputeCollectionNetworkInterfacesListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of discovered node with network interfaces",
"items": {
"$ref": "DiscoveredNodeNetworkInterfaces"
},
"required": true,
"title": "Discovered node network interfaces",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ComputeCollection Interfaces List Result",
"type": "object"
}
ComputeManager (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "ComputeManager",
"module_id": "InventoryCmObj",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_level_for_oidc": {
"default": "FULL",
"deprecated": true,
"description": "This is a deprecated property which is always set as FULL. Specifies the maximum access level allowed for calls from compute manager to NSX using the OIDC provider.",
"enum": [
"FULL",
"LIMITED"
],
"readonly": false,
"required": false,
"title": "Specifies access level to NSX from the compute manager",
"type": "string"
},
"certificate": {
"$ref": "CACertificateData",
"description": "Specifies CA certificate data for compute manager fetched from VC.",
"readonly": false,
"required": false,
"title": "Data of CA certificate for compute manager."
},
"create_service_account": {
"default": true,
"description": "Enable this flag to create service account user on compute manager. This is required by features such as vSphere Lifecycle Manager for authentication with vAPIs from nsx. From VCF 9.0 service account is mandatory.",
"readonly": false,
"required": false,
"title": "Specifies whether service account is created or not on compute manager",
"type": "boolean"
},
"credential": {
"$ref": "LoginCredential",
"description": "Supported credential types are 'SamlTokenLoginCredential'. Please note 'UsernamePasswordLoginCredential' and 'SessionLoginCredential' are deprecated. VerifiableAsymmetricLoginCredential is used for internal purpose only.",
"readonly": false,
"required": false,
"title": "Login credentials for the compute manager"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extension_certificate": {
"$ref": "CertificateData",
"description": "Specifies certificate for compute manager extension registered on vCenter.",
"readonly": false,
"required": false,
"title": "Specifies certificate for compute manager extension"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"multi_nsx": {
"default": false,
"description": "Enable this flag to manage same compute manager by multiple nsx.",
"readonly": false,
"required": false,
"title": "Specifies whether multi nsx feature is enabled for compute manager",
"type": "boolean"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair"
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of compute manager",
"type": "array"
},
"origin_type": {
"readonly": false,
"required": true,
"title": "Compute manager type like vCenter",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"reverse_proxy_https_port": {
"default": 443,
"description": "Specifies https port of the reverse proxy to connect to compute manager. For e.g. In case of VC, this port can be retrieved from this config file /etc/vmware-rhttpproxy/config.xml.",
"maximum": 65535,
"minimum": 1,
"readonly": false,
"required": false,
"title": "Proxy https port of compute manager",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "IP address or hostname of compute manager",
"type": "string"
},
"set_as_oidc_provider": {
"default": true,
"description": "If the compute manager is VC and need to set set as OIDC provider for NSX then this flag should be set as true. This is specific to wcp feature, should be enabled when this feature is being used.",
"readonly": false,
"required": false,
"title": "Specifies whether compute manager has been set as OIDC provider",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vpc_access_level": {
"default": "FULL",
"description": "Defines representation and consumption of VPCs from default Project in vCenter: - Full Access: VPC and Subnet available for configuration from vCenter - READONLY: VPC and Subnet available in vCenter for read only access from vCenter - DISABLED: No VPC objects in vCenter, networks are represented as PortGroup under relevant VDS",
"enum": [
"FULL",
"READONLY",
"DISABLED"
],
"nsx_feature": "VpcInvCenter",
"readonly": false,
"required": false,
"title": "VPC access level",
"type": "string"
}
},
"type": "object"
}
ComputeManagerListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ComputeManagerListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"origin_type": {
"readonly": false,
"required": false,
"title": "Compute manager type like vCenter",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"readonly": false,
"required": false,
"title": "IP address or hostname of compute manager",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute manager list parameters",
"type": "object"
}
ComputeManagerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ComputeManagerListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeManager"
},
"required": true,
"title": "List of compute managers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of compute managers",
"type": "object"
}
ComputeManagerStatus (type)
{
"additionalProperties": false,
"id": "ComputeManagerStatus",
"module_id": "InventoryCmObj",
"properties": {
"connection_errors": {
"help_detail": "Errors will be cleared after successful connection",
"items": {
"$ref": "ErrorInfo"
},
"readonly": true,
"required": false,
"title": "Errors when connecting with compute manager",
"type": "array"
},
"connection_status": {
"enum": [
"UP",
"DOWN",
"CONNECTING"
],
"readonly": true,
"required": false,
"title": "Status of connection with the compute manager",
"type": "string"
},
"connection_status_details": {
"help_detail": "Details, if any, about the current status of the connection with the compute manager",
"readonly": true,
"required": false,
"title": "Details about connection status",
"type": "string"
},
"last_sync_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Timestamp of the last successful update of Inventory, in epoch milliseconds."
},
"oidc_end_point_id": {
"description": "If Compute manager is trusted as authorization server, then this Id will be Id of corresponding oidc end point.",
"readonly": true,
"required": false,
"title": "Specifies Id of corresponding OidcEndPoint",
"type": "string"
},
"registration_errors": {
"help_detail": "Errors will be cleared after successful registration",
"items": {
"$ref": "ErrorInfo"
},
"readonly": true,
"required": false,
"title": "Errors when registering with compute manager",
"type": "array"
},
"registration_status": {
"enum": [
"REGISTERED",
"UNREGISTERED",
"REGISTERING",
"REGISTERED_WITH_ERRORS"
],
"readonly": true,
"required": false,
"title": "Registration status of compute manager",
"type": "string"
},
"version": {
"readonly": true,
"required": false,
"title": "Version of the compute manager",
"type": "string"
}
},
"title": "Runtime status information of the compute manager",
"type": "object"
}
Condition (type)
{
"additionalProperties": false,
"description": "Represents the leaf level condition. Evaluation of the condition expression will be case insensitive.",
"extends": {
"$ref": "Expression"
},
"id": "Condition",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "Condition"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exclude": {
"$ref": "ExcludedMembersList",
"description": "List of members to be excluded from the condition. This field is applicable only for condition representing the list of malicious IPs. Only IPAddressExpression and PathExpression are supported. The PathExpression should have paths of Groups that of the group_type IPAddress. Multiple PathExpressions are not supported here.",
"required": false,
"title": "Members to be excluded from the condition"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"enum": [
"Tag",
"Name",
"OSName",
"ComputerName",
"NodeType",
"GroupType",
"ALL",
"IPAddress",
"PodCidr",
"ManagementInterface",
"OSVersion"
],
"required": true,
"title": "Key",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"description": "For global groups (groups created from Global Manager), the supported Member Types are - VirtualMachine, Segment, SegmentPort, Group, DVPG and DVPort. For local groups (groups created on the local policy manager), the supported member types are IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort, Pod, Service, Namespace, TransportNode, Group, DVPG, DVPort, KubernetesCluster, KubernetesNamespace, AntreaEgress, AntreaIPPool, KubernetesIngress, KubernetesGateway, KubernetesService, KubernetesNode, BareMetalServer and BareMetalServerInterface. Support for LogicalPort and LogicalSwitch has been removed. Please use Segment and SegmentPort instead. Support for IPSet member type will be removed in the future. We recommend to create AntreaIPPool, KubernetesIngress, KubernetesGateway, KubernetesService and KubernetesNode, BareMetalServer and BareMetalServerInterface. Support for IPSet member type will be removed in the future. We recommend to create criterion with Group as the member type instead of IPSet.",
"enum": [
"IPSet",
"VirtualMachine",
"LogicalPort",
"LogicalSwitch",
"Segment",
"SegmentPort",
"Pod",
"Service",
"Namespace",
"TransportNode",
"Group",
"DVPG",
"DVPort",
"IPAddress",
"VpcSubnet",
"KubernetesCluster",
"KubernetesNamespace",
"AntreaEgress",
"AntreaIPPool",
"KubernetesIngress",
"KubernetesGateway",
"KubernetesService",
"KubernetesNode",
"VpcSubnetPort",
"BareMetalServer",
"BareMetalServerInterface"
],
"required": true,
"title": "Group member type",
"type": "string"
},
"operator": {
"description": "Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided.",
"enum": [
"EQUALS",
"CONTAINS",
"STARTSWITH",
"ENDSWITH",
"NOTEQUALS",
"NOTIN",
"MATCHES",
"IN"
],
"required": false,
"title": "operator",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"scope_operator": {
"description": "Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as \"|tag\" would be evaluated for tag value not for empty scope value.",
"enum": [
"EQUALS",
"NOTEQUALS"
],
"required": false,
"title": "operator",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"value": {
"minLength": 1,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Represents the leaf level condition",
"type": "object"
}
ConditionStatus (type)
{
"description": "Antrea Component condition status shared by all component condition.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"id": "ConditionStatus",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component condition status",
"type": "string"
}
ConditionalForwarderStatistics (type)
{
"additionalProperties": false,
"id": "ConditionalForwarderStatistics",
"module_id": "PolicyVpcStatistics",
"properties": {
"domain_names": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Domain names.",
"type": "array"
},
"upstream_statistics": {
"items": {
"$ref": "UpstreamStatistics"
},
"readonly": true,
"required": false,
"title": "Upstream Statistics for DNS Forwarder Enforcement.",
"type": "array"
}
},
"type": "object"
}
ConditionalForwarderZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ForwarderZone"
},
"id": "ConditionalForwarderZone",
"module_id": "DnsForwarder",
"properties": {
"domain_names": {
"description": "A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet.",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Domain names of a forwarder zone",
"type": "array"
},
"source_ip": {
"$ref": "IPv4Address",
"description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.",
"required": false,
"title": "Source ip of the forwarder"
},
"upstream_servers": {
"description": "Ip address of the upstream DNS servers the DNS forwarder accesses.",
"items": {
"$ref": "IPv4Address"
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Ips of upsteam DNS servers",
"type": "array"
}
},
"type": "object"
}
ConditionalValueConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level expression to restrict the target attribute value based on the set of existing values. Generally, used in combination with RelatedAttributeConditionalExpression to constraint the values related to another attribute on the same resource. This object is always used in conjunction with some exression. Example - { \"condition\" : { \"operator\":\"INCLUDES\", \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"], \"value_constraint\": { \"resource_type\": \"ValueConstraintExpression\", \"operator\":\"EXCLUDES\", \"values\":[\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"] } }",
"id": "ConditionalValueConstraintExpression",
"module_id": "PolicyConstraints",
"properties": {
"operator": {
"description": "INCLUDES_ANY operator supported only for StringArrayConstraintValue",
"enum": [
"INCLUDES",
"INCLUDES_ANY",
"EXCLUDES",
"EQUALS"
],
"required": true,
"title": "Set operation to constraint values.",
"type": "string"
},
"rhs_value": {
"description": "List of values.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of values to perform operation.",
"type": "array"
},
"rhs_value_with_type": {
"$ref": "ConstraintValue",
"description": "List of values.",
"required": false,
"title": "Array of values to perform operation."
},
"value_constraint": {
"$ref": "ValueConstraintExpression",
"description": "Values to apply the conditional constraint on target.",
"required": true,
"title": "Value Constraint"
}
},
"title": "Represents the leaf level conditional value constraint.",
"type": "object"
}
ConfigState (type)
{
"additionalProperties": false,
"description": "Configuration State. | SANDBOXED_REALIZATION_PENDING - This is applicable to only Global intent in the NSX+ platform. The intent in this state indicates that the Global intent is having a conflict with local intent in the corresponding site and it is sandboxed in an intent logical store. Also the realization is pending until the conflict is resolved. Policy Alarm will be genereated and notified to the NSX+ admin to alert the user to take action to resolve the conflicts.",
"enum": [
"SUCCESS",
"IN_PROGRESS",
"ERROR",
"UNKNOWN",
"UNINITIALIZED",
"SANDBOXED_REALIZATION_PENDING"
],
"id": "ConfigState",
"module_id": "PolicyRealizedState",
"title": "Config State",
"type": "string"
}
ConfigType (type)
{
"enum": [
"nsxa-state",
"nsxa-edge-cluster",
"nsxa-lrouter",
"nsxa-service-router",
"nestdb",
"edge-agent",
"dataplane",
"nsd",
"manager",
"controller",
"core"
],
"id": "ConfigType",
"title": "Config Type",
"type": "string"
}
ConfigurationState (type)
{
"id": "ConfigurationState",
"module_id": "Common",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConfigurationStateElement (type)
{
"id": "ConfigurationStateElement",
"module_id": "Common",
"properties": {
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"enum": [
"in_progress",
"success",
"failed",
"partial_success",
"in_sync",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_FAILED",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_FAILED",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"EDGE_CONFIG_ERROR",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_NETWORK_EDIT_PENDING",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"NOT_AVAILABLE",
"REGISTRATION_TIMEDOUT",
"ADVANCED_CONFIG_EDIT_FAILED",
"VM_RESOURCE_RESERVATION_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"pending",
"orphaned",
"unknown",
"error",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_POWER_ON_IN_PROGRESS",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_SUCCESSFUL",
"VM_DEPLOYMENT_RESTARTED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_READY",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"ADVANCED_CONFIG_EDIT_PENDING",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_IN_PROGRESS",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "State of configuration on this sub system",
"type": "string"
},
"sub_system_address": {
"readonly": true,
"required": false,
"title": "URI of backing resource on sub system",
"type": "string"
},
"sub_system_id": {
"readonly": true,
"required": false,
"title": "Identifier of backing resource on sub system",
"type": "string"
},
"sub_system_name": {
"readonly": true,
"required": false,
"title": "Name of backing resource on sub system",
"type": "string"
},
"sub_system_type": {
"readonly": true,
"required": false,
"title": "Type of backing resource on sub system",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operators AND or OR.",
"extends": {
"$ref": "Expression"
},
"id": "ConjunctionOperator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ConjunctionOperator"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"conjunction_operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "Conjunction Operator Node",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents the operators AND or OR",
"type": "object"
}
ConnectivityAdvancedConfig (type)
{
"additionalProperties": false,
"id": "ConnectivityAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
}
},
"title": "Advanced configuration for Policy connectivity",
"type": "object"
}
ConsistencyCheckComponentReport (type)
{
"description": "Consistency check report for component [EDGE/HOST/MP]",
"id": "ConsistencyCheckComponentReport",
"module_id": "ConsistencyCheck",
"properties": {
"component_type": {
"description": "Component type based on which consistency report is to be generated",
"readonly": true,
"required": true,
"title": "Component type based on which consistency report is to be generated",
"type": "string"
},
"drop_stats": {
"description": "Consistency checks for traffic drop statistics",
"items": {
"$ref": "ConsistencyCheckDropStats"
},
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": false,
"title": "Consistency checks for traffic drop statistics",
"type": "array"
},
"forward_stats": {
"description": "Consistency checks for forward traffic statistics",
"items": {
"$ref": "ConsistencyCheckForwardStats"
},
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": false,
"title": "Consistency checks for forward traffic statistics",
"type": "array"
},
"realization_failure": {
"$ref": "ConsistencyCheckRealizationFailure",
"description": "Consistency checks for realization failures",
"nsx_feature": "UpgradeConsistencyCheckerRealizationFailure",
"readonly": true,
"required": false,
"title": "Consistency checks for realization failures"
},
"state": {
"description": "Current state of the consistency checker function",
"enum": [
"NOT_STARTED",
"PRE_UPGRADE_COLLECTED",
"IN_PROGRESS",
"POST_UPGRADE_COMPLETED"
],
"readonly": true,
"required": true,
"title": "State of the consistency checker",
"type": "string"
}
},
"title": "Consistency check report for component",
"type": "object"
}
ConsistencyCheckComponentReportCsvRecord (type)
{
"description": "Consistency check report for component [EDGE/HOST/MP]",
"extends": {
"$ref": "CsvRecord"
},
"id": "ConsistencyCheckComponentReportCsvRecord",
"module_id": "ConsistencyCheck",
"properties": {
"component_report_state": {
"description": "Current state of the consistency checker function",
"enum": [
"NOT_STARTED",
"PRE_UPGRADE_COLLECTED",
"IN_PROGRESS",
"POST_UPGRADE_COMPLETED"
],
"readonly": true,
"required": true,
"title": "State of the consistency checker",
"type": "string"
},
"component_type": {
"description": "Component type based on which consistency report is to be generated",
"readonly": true,
"required": true,
"title": "Component type based on which consistency report is to be generated",
"type": "string"
},
"drop_stats_cluster_id": {
"description": "Unique identifier for cluster where drop outliers were detected",
"readonly": true,
"required": true,
"title": "Unique identifier for cluster where drop outliers were detected",
"type": "string"
},
"drop_stats_cluster_name": {
"description": "Cluster name where drop traffic outliers were detected",
"readonly": true,
"required": true,
"title": "Cluster name where drop traffic outliers were detected",
"type": "string"
},
"drop_stats_deviation": {
"description": "Number of standard deviations away from the mean",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Number of standard deviations away from the mean",
"type": "number"
},
"drop_stats_drop_pps": {
"description": "Average packets being dropped per second across the cluster",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Average packets being dropped per second across the cluster",
"type": "number"
},
"drop_stats_observed_until": {
"description": "Timestamp till the packet drop rate, i.e. drop outlier was detected",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Timestamp till the packet drop rate, i.e. drop outlier was detected",
"type": "string"
},
"drop_stats_pnic_rx_pps": {
"description": "Average packets being received per second for physical nic across the cluster",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Average packets being received per second for physical nic across the cluster",
"type": "number"
},
"drop_stats_pnic_tx_pps": {
"description": "Average packets being transmitted per second for physical nic across the cluster",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for physical nic across the cluster",
"type": "number"
},
"drop_stats_start_time": {
"description": "Timestamp when the packet drop rate, i.e. drop outlier was detected",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Timestamp when the packet drop rate, i.e. drop outlier was detected",
"type": "string"
},
"drop_stats_total_outliers": {
"description": "Total number of outliers for traffic drop statistics",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Total number of outliers for traffic drop statistics",
"type": "integer"
},
"drop_stats_vnic_rx_pps": {
"description": "Average packets being received per second for virtual nic across the cluster",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Average packets being received per second for virtual nic across the cluster",
"type": "number"
},
"drop_stats_vnic_tx_pps": {
"description": "Average packets being transmitted per second for virtual nic across the cluster",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for virtual nic across the cluster",
"type": "number"
},
"drop_stats_warning_msg": {
"description": "Warning message indicating the number of outliers with respect to traffic drop statistics",
"nsx_feature": "UpgradeConsistencyCheckerDropStatsCollection",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of outliers with respect to traffic drop statistics",
"type": "string"
},
"forward_stats_cluster_id": {
"description": "Unique identifier for cluster where forward outliers were detected",
"readonly": true,
"required": true,
"title": "Unique identifier for cluster where forward outliers were detected",
"type": "string"
},
"forward_stats_cluster_name": {
"description": "Cluster name where forward traffic outliers were detected",
"readonly": true,
"required": true,
"title": "Cluster name where forward traffic outliers were detected",
"type": "string"
},
"forward_stats_deviation": {
"description": "Number of standard deviations away from the mean",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Number of standard deviations away from the mean",
"type": "number"
},
"forward_stats_observed_until": {
"description": "Timestamp when the packet forward rate drop, i.e. forward outlier was detected",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Timestamp till the packet forward rate drop, i.e. forward outlier was detected",
"type": "string"
},
"forward_stats_pnic_rx_pps": {
"description": "Forward Packets received per second for physical nic",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Forward packets received per second for physical nic",
"type": "number"
},
"forward_stats_pnic_tx_pps": {
"description": "Forward packets transmitted per second for physical nic",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Forward packets transmitted per second for physical nic",
"type": "number"
},
"forward_stats_start_time": {
"description": "Timestamp when the packet forward rate drop, i.e. forward outlier was detected",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Timestamp when the packet forward rate drop, i.e. forward outlier was detected",
"type": "string"
},
"forward_stats_total_outliers": {
"description": "Total number of outliers for forward traffic statistics",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Total number of outliers for forward traffic statistics",
"type": "integer"
},
"forward_stats_vnic_rx_pps": {
"description": "Forward packets received per second for virtual nic",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Forward packets received per second for virtual nic",
"type": "number"
},
"forward_stats_vnic_tx_pps": {
"description": "Forward Packets transmitted per second for virtual nic",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": true,
"title": "Forward packets transmitted per second for virtual nic",
"type": "number"
},
"forward_stats_warning_msg": {
"description": "Warning message indicating the number of outliers with respect to forward traffic statistics",
"nsx_feature": "UpgradeConsistencyCheckerForwardStatsCollection",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of outliers with respect to forward traffic statistics",
"type": "string"
},
"realization_failure_object_path": {
"description": "Path of the policy object",
"readonly": true,
"required": true,
"title": "Path of the policy object",
"type": "string"
},
"realization_failure_object_status": {
"description": "Last seen failure status of the policy object",
"readonly": true,
"required": true,
"title": "Last seen failure status of the policy object",
"type": "string"
},
"realization_failure_timestamp": {
"description": "Timestamp when the failure was last seen of the policy object",
"readonly": true,
"required": true,
"title": "Timestamp when the failure was last seen of the policy object",
"type": "string"
},
"realization_failure_total": {
"description": "Total number of policy objects that have failed to realize",
"readonly": true,
"required": true,
"title": "Total number of policy objects that have failed to realize",
"type": "integer"
},
"realization_failure_warning_msg": {
"description": "Warning message indicating the number of policy objects that have failed realization",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of policy objects that have failed realization",
"type": "string"
}
},
"title": "Consistency check report for component",
"type": "object"
}
ConsistencyCheckDropStats (type)
{
"description": "Consistency checks for traffic drop statistics",
"id": "ConsistencyCheckDropStats",
"module_id": "ConsistencyCheck",
"properties": {
"cluster_id": {
"description": "Cluster id for drop traffic outliers",
"readonly": true,
"required": true,
"title": "Cluster id for drop traffic outliers",
"type": "string"
},
"outliers": {
"description": "List of outliers for traffic drop statistics",
"items": {
"$ref": "DropStatsOutlier"
},
"readonly": true,
"required": false,
"title": "List of outliers for traffic drop statistics",
"type": "array"
},
"total_outliers": {
"description": "Total number of outliers for traffic drop statistics",
"readonly": true,
"required": true,
"title": "Total number of outliers for traffic drop statistics",
"type": "integer"
},
"warning_msg": {
"description": "Warning message indicating the number of outliers with respect to traffic drop statistics",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of outliers with respect to traffic drop statistics",
"type": "string"
}
},
"title": "Consistency checks for traffic drop statistics",
"type": "object"
}
ConsistencyCheckForwardStats (type)
{
"description": "Consistency checks for forward traffic statistics",
"id": "ConsistencyCheckForwardStats",
"module_id": "ConsistencyCheck",
"properties": {
"cluster_id": {
"description": "Cluster id for forward traffic outliers",
"readonly": true,
"required": true,
"title": "Cluster id for forward traffic outliers",
"type": "string"
},
"outliers": {
"description": "List of outliers for forward traffic statistics",
"items": {
"$ref": "ForwardStatsOutlier"
},
"readonly": true,
"required": false,
"title": "List of outliers for forward traffic statistics",
"type": "array"
},
"total_outliers": {
"description": "Total number of outliers for forward traffic statistics",
"readonly": true,
"required": true,
"title": "Total number of outliers for forward traffic statistics",
"type": "integer"
},
"warning_msg": {
"description": "Warning message indicating the number of outliers with respect to forward traffic statistics",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of outliers with respect to forward traffic statistics",
"type": "string"
}
},
"title": "Consistency checks for forward traffic statistics",
"type": "object"
}
ConsistencyCheckListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ConsistencyCheckListRequestParameters",
"module_id": "ConsistencyCheck",
"properties": {
"action": {
"readonly": false,
"required": false,
"title": "action to force refresh consistency report to current failures",
"type": "string"
},
"component_type": {
"default": "ALL",
"readonly": false,
"required": false,
"title": "Component type based on which consistency report is to be generated",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"format": {
"readonly": false,
"required": false,
"title": "Component type based on which consistency report is to be generated",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ConsistencyCheckRealizationFailure (type)
{
"description": "Consistency checks for realization failures",
"id": "ConsistencyCheckRealizationFailure",
"module_id": "ConsistencyCheck",
"properties": {
"realization_failures": {
"description": "List of policy objects that have failed to realize",
"items": {
"$ref": "RealizationFailure"
},
"readonly": true,
"required": false,
"title": "List of policy objects that have failed to realize",
"type": "array"
},
"total": {
"description": "Total number of policy objects that have failed to realize",
"readonly": true,
"required": true,
"title": "Total number of policy objects that have failed to realize",
"type": "integer"
},
"warning_msg": {
"description": "Warning message indicating the number of policy objects that have failed realization",
"readonly": true,
"required": false,
"title": "Warning message indicating the number of policy objects that have failed realization",
"type": "string"
}
},
"title": "Consistency checks for realization failures",
"type": "object"
}
ConsistencyCheckReport (type)
{
"description": "Consistency check report for all components",
"extends": {
"$ref": "ListResult"
},
"id": "ConsistencyCheckReport",
"module_id": "ConsistencyCheck",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Consistency Check Report for respective components",
"items": {
"$ref": "ConsistencyCheckComponentReport"
},
"readonly": true,
"required": true,
"title": "Consistency Check Report for respective components",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consistency check report",
"type": "object"
}
ConsistencyCheckReportInCsvFormat (type)
{
"description": "Consistency check report for all components",
"extends": {
"$ref": "CsvListResult"
},
"id": "ConsistencyCheckReportInCsvFormat",
"module_id": "ConsistencyCheck",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"description": "Consistency Check Report for respective components",
"items": {
"$ref": "ConsistencyCheckComponentReportCsvRecord"
},
"readonly": true,
"required": true,
"title": "Consistency Check Report for respective components",
"type": "array"
}
},
"title": "Consistency check report",
"type": "object"
}
ConsolidatedAPIListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ConsolidatedAPIListRequestParameters",
"module_id": "GroupingObjectsProviders",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement",
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated effective IP addresses API list request parameters",
"type": "object"
}
ConsolidatedEffectiveIPAddressMemberListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ConsolidatedEffectiveIPAddressMemberListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EffectiveIPInfo"
},
"required": true,
"title": "Paged Collection of site wise consolidated effective ip addresses for the given NSGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ConsolidatedEffectiveIPListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Enforcement point. Enforcement point is mandatory for this request.",
"extends": {
"$ref": "ConsolidatedAPIListRequestParameters"
},
"id": "ConsolidatedEffectiveIPListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point on which the API needs to be executed. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement",
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated API Realization list request params",
"type": "object"
}
ConsolidatedRealizedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status of an intent object across enforcement points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo"
},
"id": "ConsolidatedRealizedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConsolidatedStatus",
"description": "Consolidated Realized Status across enforcement points.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"consolidated_status_per_enforcement_point": {
"description": "List of Consolidated Realized Status per enforcement point.",
"items": {
"$ref": "ConsolidatedStatusPerEnforcementPoint"
},
"readonly": true,
"title": "List of Consolidated Realized Status per Enforcement Point",
"type": "array"
},
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"intent_version": {
"description": "Represent highest intent version across all realized objects",
"readonly": true,
"title": "Intent version for the status",
"type": "string"
},
"publish_status": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Aggregated Realization state of this object",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"site_uuid": {
"description": "Site UUID supplied for realized site.",
"title": "id of Site",
"type": "string"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization.",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
}
},
"title": "Consolidated Realized Status for an Intent Object",
"type": "object"
}
ConsolidatedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Status of an intent object. Status Consolidation of an intent happens at multiple levels: - Per Enforcement Point: calculation of the consolidated status is performed using all realized entities that the intent objet maps to on a specific enforcement point. - Across Enforcement Points: calculation of the consolidated status is performend aggregating the consolidated status from each enforcement point.",
"id": "ConsolidatedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConfigState",
"description": "Consolidated Realized Status of an intent object.",
"readonly": true,
"title": "Consolidated Realized Status"
}
},
"title": "Consolidated Status",
"type": "object"
}
ConsolidatedStatusNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point.",
"extends": {
"$ref": "ConsolidatedStatusPerEnforcementPoint"
},
"id": "ConsolidatedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus",
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforced_status": {
"$ref": "EnforcedStatusDetailsNsxT",
"description": "Detailed Realized Status inherent to an NSX-T Enforcement Point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "NSX-T Consolidated Status",
"type": "object"
}
ConsolidatedStatusPerEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "BaseConsolidatedStatusPerEnforcementPoint"
},
"id": "ConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusPerEnforcementPoint"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus",
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Consolidated Realized Status Per Enforcement Point",
"type": "object"
}
ConstantFieldValue (type)
{
"additionalProperties": false,
"description": "Constant Field Value.",
"extends": {
"$ref": "FieldSettingValue"
},
"id": "ConstantFieldValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ConstantFieldValue"
},
"properties": {
"constant": {
"description": "Constant Value that the field must be set to.",
"title": "Constant Value",
"type": "object"
},
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Constant Field Value",
"type": "object"
}
Constraint (type)
{
"additionalProperties": false,
"description": "Constraint object to constraint any attribute on a resource based on specified expression. Example- Restrict the allowed services in Edge Communication Entry to list of services, if the destinationGroups contain vCenter. { \"target\":{ \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"services\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" } \"constraint_expression\":{ \"related_attribute\":{ \"attribute\":\"destinationGroups\" } \"condition\":{ \"operator\":\"INCLUDES\", \"rhs_value\":{\"vCenter\"} \"value_constraint\":{ \"operator\":\"ALLOW\", \"values\":{\"/ref/services/HTTPS\", \"/ref/services/HTTOP\", ...} } } } }",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "Constraint",
"module_id": "PolicyConstraints",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"constraint_expression": {
"$ref": "ConstraintExpression",
"deprecated": true,
"description": "This property is deprecated. Please use the \"constraint_expressions\" property instead to specify one or more constraint expressions. If this property is populated, then the \"constraint_expressions\" value is ignored.",
"required": false,
"title": "Expression to constrain the target attribute value."
},
"constraint_expressions": {
"descripiton": "An array of expressions. Note that if the deprecated property\n\"constraint_expression\" has a value then this property is\nignored. Please empty out the value of \"constraint_expression\"\nbefore using this property.\n",
"items": {
"$ref": "ConstraintExpression"
},
"required": false,
"title": "Expressions to constrain the target attribute value.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"message": {
"required": false,
"title": "User friendly message to be shown to users upon violation.",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target": {
"$ref": "ConstraintTarget",
"deprecated": true,
"description": "This property is deprecated. Please use the \"targets\" property instead to specify one or more targets. If this property is populated, then the \"targets\" value is ignored.",
"required": false,
"title": "Target resource attribute details."
},
"target_owner_type": {
"descripiton": "Every target resource in the policy tree is owned by either local LM or remote GM/LM.\nThis target_owner_type property helps to apply constraints exclusively to only targets which are managed\nby Gloal policy manager Or local policy manager.\nGM: Target's owner type GM indicates that apply constraints to targets that are owned by GM\n this is supported on both GM/NSX+ and LM.\n On LM , Setting this owner type is not support for EntityInstanceCount Expression.\nLM: Target's owner type LM indicates that apply constraints to targets that are owned by\n local policy manager. With owner_type as LM, Constraint will not be applied to targets owned by\n GM. This owner_type is not allowed on GM/NSX+. User can configure this type only on local SDDC/LM.\n On LM , Setting this owner type is not support for EntityInstanceCount Expression.\nALL: Default type. This indicates that constraints will be applied to all\n targets either local or remote. This is supported only on LM.\nDefault owner type is \"GM\" on NSX+/GM, whereas on LM, default is \"ALL\".\n",
"enum": [
"GM",
"LM",
"ALL"
],
"required": false,
"title": "Constraint target's owner type",
"type": "string"
},
"targets": {
"descripiton": "An array of targets to apply constraints. Note that if the\ndeprecated property \"target\" has a value then this property\nis ignored. Please empty out the value of \"target\" before using\nthis property.\n",
"items": {
"$ref": "ConstraintTarget"
},
"required": false,
"title": "Collection of target resources attribute details.",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Constraint definition.",
"type": "object"
}
ConstraintExpression (type)
{
"abstract": true,
"description": "All the types of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for constraint expression",
"type": "object"
}
ConstraintGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global Constraint configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "ConstraintGlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_system_resources": {
"default": false,
"description": "If true, resources that are created by the system (i.e create_user set to SYSTEM_USER) will be included as part of counting the created entity instances while evaulating the EntityInstanceCountConstraintExpression type constraint. By default, these resources are not included as part of evaluating the count expression",
"required": false,
"title": "Include policy resources that are created by system in EntityInstanceCountConstraintExpression constraint",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Constraint configuration",
"type": "object"
}
ConstraintListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ConstraintListResult",
"module_id": "PolicyConstraints",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Constraint"
},
"required": true,
"title": "Constraint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Constraints",
"type": "object"
}
ConstraintTarget (type)
{
"additionalProperties": false,
"description": "Resource attribute on which constraint should be applied. Example - sourceGroups attribute of Edge CommunicationEntry to be restricted, is given as: { \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"sourceGroups\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" }",
"id": "ConstraintTarget",
"module_id": "PolicyConstraints",
"properties": {
"attribute": {
"required": false,
"title": "Attribute name of the target entity.",
"type": "string"
},
"path_prefix": {
"description": "Path prefix of the entity to apply constraint. It should be a valid string prefix for policy path. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. For multi-tenancy path-prefixes (i.e. path starting with /orgs) following values are supported: 1. When constraint is created under '/infra/constraints/' OR under '/orgs/<org-id>/projects/<default-project>/infra/constraints/' then '/orgs/<org-id>/projects/<project-id>/' value is supported. 2. When constraint is created under custom project i.e. '/orgs/<org-id>/projects/<project-id>/infra/constraints/' then '/orgs/<org-id>/projects/<project-id>/vpcs/<vpc-id>/' value is supported.",
"required": false,
"title": "Path prefix of the entity to apply constraint.\n",
"type": "string"
},
"target_resource_type": {
"description": "Target resource type accepts input as DTO Type and or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type as SecurityPolicy.Rule.",
"required": false,
"title": "Resource type of the target entity. This is required in case the\nconstraint expressions do not specify target resource type.\n",
"type": "string"
}
},
"title": "Resource attribute on which constraint should be applied.",
"type": "object"
}
ConstraintValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the types of value extend from this abstract class. This is present for extensibility.",
"id": "ConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
}
},
"title": "Base class for each value configuration",
"type": "object"
}
ContainerApplication (type)
{
"description": "Container application within a project.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerApplication",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cluster_ips": {
"description": "The IPv4 and IPv6 clusterIPs of the container application.",
"items": {
"$ref": "IPAddress"
},
"readonly": false,
"required": false,
"title": "List of cluster IPs",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this container application belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container application belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application on container cluster e.g. PCF app id, k8s service id.",
"readonly": false,
"required": true,
"title": "External identifier of the container application",
"type": "string"
},
"load_balancer_ingress": {
"description": "Specifies list of load-balancer ingress points",
"items": {
"$ref": "ContainerLoadBalancerIngress"
},
"readonly": false,
"required": false,
"title": "List of load-balancer ingress points",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container application.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application",
"type": "string"
},
"node_port_local_endpoints": {
"description": "Specifies list of local endpoint, when service is NodePortLocal.",
"items": {
"$ref": "NodePortLocalEndpoint"
},
"readonly": false,
"required": false,
"title": "List of NodePortLocalEndpoint",
"type": "array"
},
"origin_properties": {
"description": "Array of additional specific properties of container application in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_ports": {
"description": "Specifies list of service port.",
"items": {
"$ref": "ContainerServicePort"
},
"readonly": false,
"required": false,
"title": "List of service port",
"type": "array"
},
"status": {
"description": "Status of the container application.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"descrption": "Specifies the type of container application. e.g. In case of Kubernetes\ncontainer cluster, it specifies type of service like ClusterIP, NodePort,\nLoadBalancer or ExternalName.\n",
"enum": [
"CLUSTER_IP",
"NODE_PORT",
"LOAD_BALANCER",
"EXTERNAL_NAME"
],
"readonly": false,
"required": false,
"title": "Type of container application",
"type": "string"
}
},
"title": "Container application within a project",
"type": "object"
}
ContainerApplicationInstance (type)
{
"description": "Container application instance within a project.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerApplicationInstance",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cluster_node_id": {
"description": "Cluster node id where application instance is running.",
"readonly": false,
"required": false,
"title": "Cluster node id",
"type": "string"
},
"container_application_ids": {
"description": "List of identifiers of the container application.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this application instance belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project which this container application instance belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application instance on container cluster.",
"readonly": false,
"required": true,
"title": "External identifier of the container application instance",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container application instance.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application instance.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application instance",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container application instance in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"status": {
"description": "Status of the container application instance.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application instance",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Application Instance",
"type": "object"
}
ContainerApplicationInstanceGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "ContainerApplicationInstanceGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"pod_id": {
"required": true,
"title": "ContainerApplicationInstance",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"type": "object"
}
ContainerApplicationInstanceListRequestParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ContainerObjectsListRequestParameters"
},
"id": "ContainerApplicationInstanceListRequestParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_application_id": {
"description": "Identifier of the container application.",
"readonly": false,
"required": false,
"title": "Identifier of the container application",
"type": "string"
},
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container application instance list parameters",
"type": "object"
}
ContainerApplicationInstanceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerApplicationInstanceListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerApplicationInstance"
},
"required": true,
"title": "List of Container Applications",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerApplicationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerApplicationListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerApplication"
},
"required": true,
"title": "List of Container Applications",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerCluster (type)
{
"description": "Details of container cluster.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerCluster",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cluster_ip_ranges": {
"description": "In case of Kubernetes container cluster, it specifies CIDRs that will be assigned to services created on Kubernetes.",
"items": {
"$ref": "IPCIDRBlock"
},
"maxItems": 2,
"readonly": false,
"required": false,
"title": "List of cluster IP range",
"type": "array"
},
"cluster_type": {
"description": "Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"WCP_Guest",
"AKS",
"EKS",
"TKGm",
"TKGi",
"GKE",
"Gardener",
"Rancher",
"TAS",
"SupervisorCluster",
"WorkloadCluster",
"Other"
],
"readonly": false,
"required": false,
"title": "Type of the container cluster",
"type": "string"
},
"cni_type": {
"default": "Other",
"description": "Specifies Container Network Interface type for container cluster.",
"enum": [
"NCP",
"Antrea",
"Other"
],
"readonly": false,
"required": false,
"title": "CNI type for container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"infrastructure": {
"$ref": "ContainerInfrastructureInfo",
"description": "Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"readonly": false,
"required": false,
"title": "Details of infrastructure for the container cluster"
},
"network_errors": {
"description": "List of network errors related to container cluster.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster",
"type": "string"
},
"node_port_local_range": {
"description": "Specifies the port range to be used for NodePortLocal services.",
"format": "port-or-range",
"readonly": false,
"required": false,
"title": "Node port local range",
"type": "string"
},
"node_port_range": {
"description": "In case of Kubernetes container cluster, it specifies port range to be used for Kubernetes services created with the type NodePort.",
"format": "port-or-range",
"readonly": false,
"required": false,
"title": "Node port range",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"supervisor_project_id": {
"description": "Specifies supervisor container project identifier for cluster.",
"readonly": false,
"required": false,
"title": "Supervisor ContainerProject identifier for cluster",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster",
"type": "object"
}
ContainerClusterFilterParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ContainerClusterFilterParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container cluster filter parameter",
"type": "object"
}
ContainerClusterListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ContainerClusterListRequestParameters",
"module_id": "TnContainerStatus",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"status": {
"$ref": "TnContainerStatusType",
"title": "Container cluster status"
}
},
"type": "object"
}
ContainerClusterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerClusterListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerCluster"
},
"required": true,
"title": "List of Container Clusters",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerClusterNode (type)
{
"description": "Details of container cluster node i.e. container host.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerClusterNode",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cni_agent_status": {
"description": "Specifies Container Network Interface agent status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "CNI agent status of container cluster node",
"type": "string"
},
"container_cluster_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster node in K8S/PAS.",
"readonly": false,
"required": true,
"title": "External identifier of the container cluster node",
"type": "string"
},
"external_ip_addresses": {
"description": "Specifies list of external ip address of Node.",
"items": {
"$ref": "IPAddress"
},
"readonly": false,
"required": false,
"title": "List of external ip address of Node",
"type": "array"
},
"ip_addresses": {
"description": "List of IP addresses of container cluster node.",
"items": {
"$ref": "IPAddress"
},
"readonly": false,
"required": false,
"title": "IP Addresses of Node",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container cluster node.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster node",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster node in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"pod_cidrs": {
"description": "In case of Kubernetes container cluster, it represents the IP ranges assigned to the node for usage by Pod on that node.",
"items": {
"$ref": "IPCIDRBlock"
},
"readonly": false,
"required": false,
"title": "List of CIDR of container application instance",
"type": "array"
},
"provider_id": {
"description": "Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine.",
"readonly": false,
"required": false,
"title": "Provider id of container node",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster node",
"type": "object"
}
ContainerClusterNodeListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerClusterNodeListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerClusterNode"
},
"required": true,
"title": "List of container cluster nodes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerClusterPropertiesFilterParameters (type)
{
"description": "Request object, containing multiple cluster properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "ContainerClusterPropertiesFilterParameters",
"module_id": "InventoryContainerObj",
"properties": {
"cluster_type": {
"description": "This is the type of container cluster.",
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"WCP_Guest",
"AKS",
"EKS",
"TKGm",
"TKGi",
"GKE",
"Gardener",
"Rancher",
"TAS",
"Other"
],
"readonly": false,
"required": false,
"title": "Type of container cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"infra_type": {
"description": "This is the type of container's infrastructure.",
"enum": [
"vSphere",
"AWS",
"Azure",
"Google",
"VMC",
"KVM",
"Baremetal"
],
"readonly": false,
"required": false,
"title": "Type of infrastructure",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container cluster filter parameter by cluster properties",
"type": "object"
}
ContainerClusterStatus (type)
{
"id": "ContainerClusterStatus",
"module_id": "TnContainerStatus",
"properties": {
"cluster_id": {
"description": "Identifier of the container cluster.",
"title": "Identifier of the container cluster",
"type": "string"
},
"detail": {
"description": "Detail information on status.",
"title": "Detail information on status",
"type": "string"
},
"interval": {
"description": "Display the cluster check interval in seconds.",
"maximum": 600,
"minimum": 60,
"readonly": true,
"title": "Container cluster status check interval",
"type": "int"
},
"status": {
"$ref": "TnContainerStatusType",
"description": "Display the container cluster status.",
"title": "Container cluster status"
}
},
"type": "object"
}
ContainerClusterStatusList (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "ContainerClusterStatusList",
"module_id": "TnContainerStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Container cluster list.",
"items": {
"$ref": "ContainerClusterSummary"
},
"readonly": true,
"required": false,
"title": "Container cluster list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of the Container cluster",
"type": "object"
}
ContainerClusterSummary (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "ContainerClusterSummary",
"module_id": "TnContainerStatus",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": true,
"required": true,
"title": "Identifier of the container cluster",
"type": "string"
},
"cluster_name": {
"description": "Display the container cluster name",
"required": true,
"title": "Container cluster name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"detail": {
"description": "Detail information on status.",
"readonly": true,
"required": false,
"title": "Detail information on status",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "TnContainerStatusType",
"description": "Display the container cluster status.",
"required": true,
"title": "Container cluster status"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ContainerClusterType",
"description": "Container cluster type.",
"title": "Container cluster type"
}
},
"type": "object"
}
ContainerClusterType (type)
{
"additionalProperties": false,
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"Other"
],
"id": "ContainerClusterType",
"module_id": "TnContainerStatus",
"title": "Container cluster type",
"type": "string"
}
ContainerConfiguration (type)
{
"additionalProperties": false,
"description": "Represents a container to group widgets that belong to a common category or have a common purpose.",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "ContainerConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "ContainerConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"header": {
"$ref": "Header"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"labels": {
"description": "Labels for the container.",
"items": {
"$ref": "Label"
},
"minItems": 0,
"title": "Labels",
"type": "array"
},
"layout": {
"$ref": "Layout",
"deprecated": true,
"description": "Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied. This property is deprecated. Now the layout inside the container can be taken care with the help of 'rowspan' and 'colspan' property.",
"title": "Layout of widgets inside container"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widgets": {
"description": "If not specified, creates an empty container.",
"items": {
"$ref": "WidgetItem"
},
"minItems": 0,
"title": "Widgets held by the container",
"type": "array"
}
},
"title": "Container that holds widgets",
"type": "object"
}
ContainerEgress (type)
{
"description": "Details of Container Egress.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerEgress",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this egress belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"egress_ip": {
"description": "Container egress IP.",
"format": "ip",
"readonly": false,
"required": false,
"title": "Container egress IP",
"type": "string"
},
"external_id": {
"description": "Identifier of the container egress.",
"readonly": false,
"required": true,
"title": "External identifier of the container egress",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container egress in key-value format. e.g. key can be externalIPPool, value is a string",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerEgress resource. e.g. yaml definition of kubernetes egress resource.",
"readonly": false,
"required": false,
"title": "Container egress specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Egress",
"type": "object"
}
ContainerEgressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerEgressListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Specifies list of container egress.",
"items": {
"$ref": "ContainerEgress"
},
"required": true,
"title": "List of ContainerEgress",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerGateway (type)
{
"description": "A Gateway describes how traffic can be translated to Services within the container cluster.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerGateway",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"addresses": {
"description": "Specifies addresses which lists the IP addresses that have actually been bound to the gateway.",
"items": {
"$ref": "ContainerGatewayAddress"
},
"readonly": false,
"required": false,
"title": "List of addresses bound to gateway",
"type": "array"
},
"container_cluster_id": {
"description": "Specifies identifier of the container cluster of this container gateway.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Specifies identifier of the container project of this container gateway.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Specifies identifier of the container gateway.",
"readonly": false,
"required": true,
"title": "External identifier of the container gateway",
"type": "string"
},
"listeners": {
"description": "Specifies list of listeners which defines logical endpoints that are bound on this Gateway's addresses.",
"items": {
"$ref": "ContainerGatewayListener"
},
"readonly": false,
"required": false,
"title": "List of listener",
"type": "array"
},
"origin_properties": {
"description": "Array of additional specific properties of container ip pool in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerGateway resource.",
"readonly": false,
"required": false,
"title": "Container gateway specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container gateway",
"type": "object"
}
ContainerGatewayAddress (type)
{
"description": "Specifies an address that can be bound to a container gateway.",
"id": "ContainerGatewayAddress",
"module_id": "InventoryContainerObj",
"properties": {
"address": {
"description": "Specifies address of container gateway.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Address of container gateway",
"type": "string"
},
"type": {
"description": "Specifies type of gateway address. e.g. Hostname, IPAddress, NamedAddress.",
"enum": [
"HOST_NAME",
"IP_ADDRESS",
"NAMED_ADDRESS"
],
"readonly": false,
"required": false,
"title": "Type of gateway address",
"type": "string"
}
},
"title": "Container gateway address",
"type": "object"
}
ContainerGatewayListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerGatewayListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerGateway"
},
"required": true,
"title": "List of Container Gateway",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerGatewayListener (type)
{
"description": "Listener embodies the concept of a logical endpoint where a Gateway accepts network connections.",
"id": "ContainerGatewayListener",
"module_id": "InventoryContainerObj",
"properties": {
"hostname": {
"description": "Specifies the virtual hostname to match for protocol type.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Hostname of gateway listener",
"type": "string"
},
"name": {
"description": "Specifies name of gateway listener",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Name of gateway listener",
"type": "string"
},
"port": {
"description": "Specifies network port of gateway.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port of gateway listener",
"type": "integer"
},
"protocol": {
"description": "Specifies the network protocol this listener expects to receive. e.g. HTTP\uff0cHTTPS\uff0cTCP, TLS, UDP.",
"enum": [
"HTTP",
"HTTPS",
"TCP",
"TLS",
"UDP"
],
"readonly": false,
"required": false,
"title": "Protocol of gateway listener",
"type": "string"
}
},
"title": "Container gateway listener",
"type": "object"
}
ContainerInfrastructureInfo (type)
{
"description": "Details of infrastructure hosting the container cluster e.g. vSphere, AWS, VMC etc..",
"id": "ContainerInfrastructureInfo",
"module_id": "InventoryContainerObj",
"properties": {
"infra_type": {
"description": "Type of the infrastructure.",
"enum": [
"vSphere",
"AWS",
"Azure",
"Google",
"VMC",
"KVM",
"Baremetal"
],
"readonly": false,
"required": true,
"title": "Type of the infrastructure",
"type": "string"
}
},
"title": "Details of container infrastructure",
"type": "object"
}
ContainerIngressPolicy (type)
{
"description": "Details of Container Ingress Policy.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerIngressPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"container_application_ids": {
"description": "List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this ingress policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container ingress belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container ingress policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container ingress policy",
"type": "string"
},
"load_balance_ingress": {
"description": "Specifies list for ingress points for the load balancer.",
"items": {
"$ref": "ContainerLoadBalancerIngress"
},
"readonly": false,
"required": false,
"title": "List of container loadbalancer ingress",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container ingress.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container ingress.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container ingress",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container ingress in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container ingress policy specification.",
"readonly": false,
"required": false,
"title": "Container ingress policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Ingress Policy",
"type": "object"
}
ContainerIngressPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerIngressPolicyListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerIngressPolicy"
},
"required": true,
"title": "List of Container Ingress Policy specs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerIpPool (type)
{
"description": "Details of Container Ip Pool.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerIpPool",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Specifies identifier of the container cluster this container ip pool belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Specifies identifier of the container ip pool.",
"readonly": false,
"required": true,
"title": "External identifier of the container ip pool",
"type": "string"
},
"ip_ranges": {
"description": "Specifies list of SubnetIpRange, which is a set of contiguous IP addresses, represented by a CIDR or a pair of start and end IPs, along with subnet definition.",
"items": {
"$ref": "SubnetIpRange"
},
"readonly": false,
"required": false,
"title": "List of IP ranges with subnet details",
"type": "array"
},
"ip_version": {
"description": "Specifies IP version of container IP pool.",
"enum": [
4,
6
],
"readonly": false,
"required": false,
"title": "IP version of ContainerIpPool",
"type": "integer"
},
"origin_properties": {
"description": "Array of additional specific properties of container ip pool in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerIpPool resource.",
"readonly": false,
"required": false,
"title": "Container ip pool specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Ip Pool",
"type": "object"
}
ContainerIpPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerIpPoolListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerIpPool"
},
"required": true,
"title": "List of Container IP Pool",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Antrea Cluster.",
"extends": {
"$ref": "RealizationListRequestParameters"
},
"id": "ContainerListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"description": "ID of the cluster to query",
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realization list request params",
"type": "object"
}
ContainerLoadBalancerIngress (type)
{
"description": "It represents the status of a load-balancer ingress point.",
"id": "ContainerLoadBalancerIngress",
"module_id": "InventoryContainerObj",
"properties": {
"hostname": {
"description": "Hostname is set for load-balancer ingress points that are DNS based.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Hostname of load-balance ingress point",
"type": "string"
},
"ip": {
"description": "IP is set for load-balancer ingress points that are IP based.",
"format": "ip",
"readonly": false,
"required": false,
"title": "IP of load-balancer ingress point",
"type": "string"
},
"ports": {
"description": "Ports is a list of records of service points.",
"items": {
"$ref": "PortStatus"
},
"readonly": false,
"required": false,
"title": "List of PortStatus",
"type": "array"
}
},
"title": "Ingress point for load balancer",
"type": "object"
}
ContainerNetworkPolicy (type)
{
"description": "Network policy applied to container.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerNetworkPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container network policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container network policy",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container network policy.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container network policy.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container network policy",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container network policy in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"policy_type": {
"description": "Type e.g. Network Policy, ASG.",
"enum": [
"NETWORK_POLICY",
"ASG",
"ACNP",
"ANP"
],
"readonly": false,
"required": false,
"title": "Type",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container network policy specification.",
"readonly": false,
"required": false,
"title": "Container network policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Network Policy",
"type": "object"
}
ContainerNetworkPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerNetworkPolicyListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerNetworkPolicy"
},
"required": true,
"title": "List of Container Network Policy specs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerObjectsListRequestParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ContainerClusterFilterParameters"
},
"id": "ContainerObjectsListRequestParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container objects list parameters",
"type": "object"
}
ContainerProject (type)
{
"description": "Details of org/namespace within a container cluster.",
"extends": {
"$ref": "DiscoveredResource"
},
"id": "ContainerProject",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster to which this project/namespace belongs.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container project.",
"readonly": false,
"required": true,
"title": "External identifier of the container project",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container project.",
"items": {
"$ref": "NetworkError"
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container project.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container project",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container project in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container project within a container cluster",
"type": "object"
}
ContainerProjectListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "ContainerProjectListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerProject"
},
"required": true,
"title": "List of projects",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerServicePort (type)
{
"description": "Specifices details of port exposed by service.",
"id": "ContainerServicePort",
"module_id": "InventoryContainerObj",
"properties": {
"name": {
"description": "Specifies name of port within the service.",
"readonly": false,
"required": false,
"title": "Name of port",
"type": "string"
},
"node_port": {
"description": "In case of Kubernetes container cluster, it is port on each node on which the service is exposed, when type of service is NodePort or LoadBalancer.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Node port of container application",
"type": "integer"
},
"port": {
"description": "Specifies port exposed by the service",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port of service",
"type": "integer"
},
"protocol": {
"description": "Specifies IP protocol of the port. e.g. TCP, UDP, SCTP.",
"enum": [
"TCP",
"UDP",
"SCTP"
],
"readonly": false,
"required": false,
"title": "IP protocol of port",
"type": "string"
},
"target_port": {
"description": "Specifies the number or name of port to access on container application instance by the container application. e.g. It is number or name of port to access of pod by service.",
"maxLength": 15,
"readony": false,
"required": false,
"title": "Target port of service",
"type": "string"
}
},
"title": "Details of service port",
"type": "object"
}
ContentFilterValue (type)
{
"enum": [
"ALL",
"DEFAULT",
"REMOVE_CORE_FILES",
"EAL4_AUDIT"
],
"id": "ContentFilterValue",
"title": "Support bundle content filter allowed values",
"type": "string"
}
ContextProfileAttributesMetadata (type)
{
"additionalProperties": false,
"id": "ContextProfileAttributesMetadata",
"module_id": "PolicyContextProfile",
"properties": {
"key": {
"required": true,
"title": "Key for metadata",
"type": "string"
},
"value": {
"required": true,
"title": "Value for metadata key",
"type": "string"
}
},
"title": "Key value structure for holding metadata of context profile attributes",
"type": "object"
}
ContinueMigrationRequestParameters (type)
{
"additionalProperties": false,
"id": "ContinueMigrationRequestParameters",
"module_id": "Migration",
"properties": {
"skip": {
"default": false,
"readonly": false,
"required": false,
"title": "Skip to migration of next component.",
"type": "boolean"
}
},
"type": "object"
}
ContinueRequestParameters (type)
{
"additionalProperties": false,
"id": "ContinueRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Hints NSX to upgrade a specific component.",
"readonly": false,
"required": false,
"title": "Component to upgrade.",
"type": "string"
},
"skip": {
"default": false,
"readonly": false,
"required": false,
"title": "Skip to upgrade of next component.",
"type": "boolean"
}
},
"type": "object"
}
ControlClusterNodeStatus (type)
{
"additionalProperties": false,
"id": "ControlClusterNodeStatus",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_status": {
"$ref": "ClusteringStatus",
"readonly": true,
"title": "Status of this node's connection to the control cluster"
},
"mgmt_connection_status": {
"$ref": "MgmtConnStatus",
"readonly": true,
"title": "Status of this node's management plane connection"
}
},
"type": "object"
}
ControlConnStatus (type)
{
"id": "ControlConnStatus",
"module_id": "FabricNode",
"properties": {
"control_node_ip": {
"readonly": true,
"required": true,
"title": "IP address of the control Node.",
"type": "string"
},
"failure_status": {
"enum": [
"CONNECTION_REFUSED",
"INCOMPLETE_HOST_CERT",
"INCOMPLETE_CONTROLLER_CERT",
"CONTROLLER_REJECTED_HOST_CERT",
"HOST_REJECTED_CONTROLLER_CERT",
"KEEP_ALIVE_TIMEOUT",
"OTHER_SSL_ERROR",
"OTHER_ERROR"
],
"help_detail": "CONNECTION_REFUSED \"Connection refused by control node\"\nINCOMPLETE_HOST_CERT \"Incomplete host certificate\"\nINCOMPLETE_CONTROLLER_CERT \"Incomplete controller certificate\"\nCONTROLLER_REJECTED_HOST_CERT \"Controller rejected host certificate\"\nHOST_REJECTED_CONTROLLER_CERT \"Host rejected controller certificate\"\nKEEP_ALIVE_TIMEOUT \"Keep alive timeout\"\nOTHER_SSL_ERROR \"Other ssl error\"\nOTHER_ERROR \"Other error\".\n",
"readonly": true,
"required": false,
"title": "Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT.",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN"
],
"help_detail": "UP \"Control node is up\"\nDown \"Control node is down\".\n",
"readonly": true,
"required": true,
"title": "Status of the control Node for e.g UP, DOWN.",
"type": "string"
}
},
"type": "object"
}
ControllerClusterRoleConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ClusterRoleConfig"
},
"id": "ControllerClusterRoleConfig",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_listen_addr": {
"$ref": "ServiceEndpoint",
"readonly": true,
"title": "The IP and port for the control cluster service on this node"
},
"control_plane_listen_addr": {
"$ref": "ServiceEndpoint",
"readonly": true,
"title": "The IP and port for the control plane service on this node"
},
"host_msg_client_info": {
"$ref": "MsgClientInfo"
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo"
},
"type": {
"enum": [
"ManagementClusterRoleConfig",
"ControllerClusterRoleConfig"
],
"readonly": true,
"required": true,
"title": "Type of this role configuration",
"type": "string"
}
},
"type": "object"
}
ControllerClusterStatus (type)
{
"additionalProperties": false,
"id": "ControllerClusterStatus",
"module_id": "ClusterManagement",
"properties": {
"status": {
"enum": [
"NO_CONTROLLERS",
"UNSTABLE",
"DEGRADED",
"STABLE",
"UNKNOWN"
],
"readonly": true,
"title": "The current status of the controller cluster",
"type": "string"
}
},
"type": "object"
}
ControllerNodeAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseNodeAggregateInfo"
},
"id": "ControllerNodeAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"display_name": {
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_interface_properties": {
"items": {
"$ref": "NodeInterfaceProperties"
},
"readonly": true,
"title": "Array of Node interface statistic properties",
"type": "array"
},
"node_interface_statistics": {
"items": {
"$ref": "NodeInterfaceStatisticsProperties"
},
"readonly": true,
"title": "Array of Node network interface statistic properties",
"type": "array"
},
"node_status": {
"$ref": "ClusterNodeStatus",
"readonly": true
},
"node_status_properties": {
"items": {
"$ref": "NodeStatusProperties"
},
"title": "Time series of the node's system properties",
"type": "array"
},
"role_config": {
"$ref": "ControllerClusterRoleConfig",
"readonly": true
}
},
"type": "object"
}
ControllerProfilerProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "ControllerProfilerProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"enabled": {
"description": "True for enabling controller profiler, False for disabling controller profiler.",
"type": "boolean"
}
},
"title": "Controller profiler properties",
"type": "object"
}
CookiePersistenceModeType (type)
{
"additionalProperties": false,
"description": "If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client.",
"enum": [
"INSERT",
"PREFIX",
"REWRITE"
],
"id": "CookiePersistenceModeType",
"module_id": "LoadBalancer",
"title": "cookie persistence mode",
"type": "string"
}
CookieTimeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting",
"enum": [
"LbSessionCookieTime",
"LbPersistenceCookieTime"
],
"id": "CookieTimeType",
"module_id": "LoadBalancer",
"title": "Snat translation type",
"type": "string"
}
CopyFromRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties"
},
"id": "CopyFromRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"preserve_file_properties": {
"default": true,
"required": false,
"title": "Preserve file properties flag",
"type": "boolean"
},
"protocol": {
"$ref": "Protocol",
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyRemoteFileProperties (type)
{
"additionalProperties": {},
"id": "CopyRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"preserve_file_properties": {
"default": true,
"required": false,
"title": "Preserve file properties flag",
"type": "boolean"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyToRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties"
},
"id": "CopyToRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"preserve_file_properties": {
"default": true,
"required": false,
"title": "Preserve file properties flag",
"type": "boolean"
},
"protocol": {
"$ref": "Protocol",
"description": "Only scp and sftp may be used.",
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CoreCountByEdition (type)
{
"additionalProperties": false,
"id": "CoreCountByEdition",
"module_id": "SecurityLicenseUsage",
"properties": {
"features_in_use": {
"description": "Feature in use within product family. If there is ATP feature found on any host/edge, all features on it will be listed in ATP product family.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Feature in use within product family",
"type": "array"
},
"product_family": {
"description": "Product Family",
"readonly": true,
"required": false,
"title": "Product Family",
"type": "string"
},
"raw_core_count_by_type": {
"$ref": "RawCoreCount",
"description": "Raw cores counts by type of cores used in license edition.",
"readonly": true,
"required": false,
"title": "Raw Core Counts by core type"
},
"total_licensed_core_count": {
"description": "Total Licensed core count across features.",
"readonly": true,
"title": "Total Licensed core count across features",
"type": "string"
},
"total_raw_core": {
"description": "Total raw raw core count across features.",
"readonly": true,
"title": "Total raw raw core count across features",
"type": "string"
}
},
"type": "object"
}
CoreCountByFeature (type)
{
"additionalProperties": false,
"id": "CoreCountByFeature",
"module_id": "SecurityLicenseUsage",
"properties": {
"licensed_core_count": {
"$ref": "FeatureUsages",
"description": "Licensed Core Counts.",
"readonly": true,
"required": false,
"title": "Licensed Core Counts"
},
"raw_core_counts": {
"$ref": "FeatureUsages",
"description": "Feature Usage.",
"readonly": true,
"required": false,
"title": "Feature Usage"
}
},
"type": "object"
}
CoreDumpConfig (type)
{
"additionalProperties": false,
"description": "Node core dump config",
"id": "CoreDumpConfig",
"properties": {
"global_file_limit": {
"default": 2,
"minimum": 0,
"title": "Core dump file persistence config global limit",
"type": "integer"
},
"global_frequency_threshold": {
"default": 600,
"minimum": 0,
"title": "Core dump files frequency threshold config in seconds, set 0 to disable\n",
"type": "integer"
},
"process_config": {
"items": {
"$ref": "CoreDumpProcessConfig"
},
"title": "Core dump config per process limit",
"type": "array"
}
},
"title": "Node core dump config",
"type": "object"
}
CoreDumpProcessConfig (type)
{
"id": "CoreDumpProcessConfig",
"properties": {
"limit": {
"required": true,
"title": "Core dump process limit",
"type": "integer"
},
"process_name": {
"required": true,
"title": "Core dump process name",
"type": "string"
}
},
"title": "Core dump process config",
"type": "object"
}
CorfuCertificateExpiryCheckProperties (type)
{
"additionalProperties": false,
"id": "CorfuCertificateExpiryCheckProperties",
"module_id": "ComplianceReporter",
"properties": {
"status": {
"required": true,
"title": "Current Status of Corfu Certificate Expiry Check (enabled/disabled)",
"type": "string"
}
},
"title": "Corfu Certificate Expiry Check Properties",
"type": "object"
}
CountActionArgument (type)
{
"id": "CountActionArgument",
"module_id": "LiveTrace",
"properties": {
"count_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Type of count",
"type": "string"
},
"dest_lport": {
"description": "It is required only when the type of count is bidirectional. Please keep this field aligned with the destination logical port of trace action and packet capture action config when the type of trace action and packet capture action are bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional count",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData",
"description": "It takes effect only when the type of count is bidirectional. Please keep this aligned with the packet filter of reverse direction of trace action and packet capture action config when the type of count action and packet capture action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
}
},
"type": "object"
}
CountActionConfig (type)
{
"id": "CountActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "CountActionArgument",
"required": true,
"title": "The count action argument"
}
},
"type": "object"
}
CountObservation (type)
{
"abstract": true,
"id": "CountObservation",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"required": true,
"title": "Type of count observation",
"type": "string"
}
},
"type": "object"
}
CounterResult (type)
{
"id": "CounterResult",
"module_id": "LiveTrace",
"properties": {
"backward_results": {
"description": "The count action results from the checkpoints traversed by packets from the destination port.",
"items": {
"$ref": "CountObservation"
},
"required": false,
"title": "Count action list results",
"type": "array"
},
"forward_results": {
"description": "The count action results from the checkpoints traversed by packets from the source port.",
"items": {
"$ref": "CountObservation"
},
"required": false,
"title": "Count action list results",
"type": "array"
}
},
"type": "object"
}
CounterTypesParameter (type)
{
"id": "CounterTypesParameter",
"module_id": "ObservabilityCounters",
"properties": {
"type": {
"description": "Counter type query parameters.",
"required": false,
"title": "type",
"type": "string"
}
},
"title": "Parameters to define returned counter types",
"type": "object"
}
CpuCoreConfigForEnhancedNetworkingStackSwitch (type) (Deprecated)
{
"deprecated": true,
"description": "Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.",
"id": "CpuCoreConfigForEnhancedNetworkingStackSwitch",
"module_id": "TransportNode",
"properties": {
"num_lcores": {
"minimum": 1,
"readonly": false,
"required": true,
"title": "Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node",
"type": "int"
},
"numa_node_index": {
"minimum": 0,
"readonly": false,
"required": true,
"title": "Unique index of the Non Uniform Memory Access (NUMA) node",
"type": "int"
}
},
"title": "Enhanced Networking Stack CPU configuration",
"type": "object"
}
CpuStats (type)
{
"additionalProperties": false,
"description": "Provides the following CPU stats for a given core: - Core ID. - CPU type. - Number of packets sent and received per second on the core for the last 100ms. - Number of packets received per second from the crypto module, the KNI interface, the slowpath threads and the other cores within the last 100ms. - Statistics of the mega flow cache which holds flow cache key and the corresponding flow cache actions for all the entries. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. - Statistics of the micro flow cache which holds a hash of the entire flow cache key and a pointer to the mega flow cache entry. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. - Percentage of live CPU utilization of the core sampled within the last 60 seconds. - Percentage of CPU utilization of the core for actual packet processing for the last 100ms.",
"id": "CpuStats",
"properties": {
"core": {
"description": "CPU id",
"readonly": true,
"title": "core id",
"type": "string"
},
"cpu_type": {
"default": "controlpath_core",
"description": "cpu type, one of datapath_core, controlpath_core and service_core",
"enum": [
"datapath_core",
"controlpath_core",
"service_core"
],
"readonly": true,
"title": "cpu type",
"type": "string"
},
"crypto": {
"description": "The total number of packets per second (pps) received from the crypto module for the last 100ms.",
"readonly": true,
"title": "CPU crypto packet rate",
"type": "string"
},
"intercore": {
"description": "The total number of packets per second (pps) received from other cores for the last 100ms.",
"readonly": true,
"title": "CPU intercore packet rate",
"type": "string"
},
"kni": {
"description": "The total number of packets per second (pps) received from Linux KNI interface for the last 100ms.",
"readonly": true,
"title": "CPU Kernel Network Interface (KNI) packet rate",
"type": "string"
},
"mega_flowcachestats": {
"$ref": "FlowCacheStatistics",
"description": "Provides statistics of the mega flow cache which holds the flow cache key and the corresponding flow cache actions for all the entries. The flow cache key is the five tuples of an IP connection - src/dst IP, protocol, and src/dst ports. This will be reset on edge reboot or edge dataplane restart.",
"readonly": true,
"title": "Mega flow cache stats",
"type": "object"
},
"micro_flowcachestats": {
"$ref": "FlowCacheStatistics",
"description": "Provides statistics of the micro flow cache which holds a hash of the entire flow cache key and a pointer to the mega flow cache entry, where the flow cache key and actions are stored. This will be reset on edge reboot or edge dataplane restart.",
"readonly": true,
"title": "Micro flow cache stats",
"type": "object"
},
"packet_processing_usage": {
"description": "Provides the percentage of CPU utilization of the core on actual packet processing for the last 100ms. It is percentage of busy cycles vs. total cycles, where busy cycles are the cycles spent in a poll round where at least one packet was received.",
"readonly": true,
"title": "Datapath CPU packet processing usage",
"type": "string"
},
"rx": {
"description": "The total number of packets per second (pps) received from NICs for the last 100ms.",
"readonly": true,
"title": "CPU Rx packet rate",
"type": "string"
},
"slowpath": {
"description": "The total number of packets per second (pps) received from slowpath threads for the last 100ms.",
"readonly": true,
"title": "CPU slowpath packet rate",
"type": "string"
},
"tx": {
"description": "The total number of packets per second (pps) transmitted from NICs for the last 100ms. This also includes the packets dropped due to Tx ring full.",
"readonly": true,
"title": "CPU Tx packet rate",
"type": "string"
},
"usage": {
"description": "Provides the percentage of live CPU utilisation of the core sampled within the last 60 seconds.",
"readonly": true,
"title": "CPU usage",
"type": "string"
}
},
"title": "CPU core statistics",
"type": "object"
}
CpuUsage (type)
{
"additionalProperties": false,
"id": "CpuUsage",
"module_id": "ApplianceStats",
"properties": {
"avg_cpu_core_usage_dpdk": {
"description": "Indicates the average usage of all DPDK cores in percentage.",
"readonly": true,
"title": "Average utilization of all DPDK cores",
"type": "number"
},
"avg_cpu_core_usage_non_dpdk": {
"description": "Indicates the average usage of all non-DPDK cores in percentage.",
"readonly": true,
"title": "Average usage of all non-DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_dpdk": {
"description": "Indicates the highest CPU utilization value among DPDK cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_non_dpdk": {
"description": "Indicates the highest cpu utilization value among non_dpdk cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among non-DPDK cores",
"type": "number"
}
},
"title": "CPU usage of DPDK and non-DPDK cores",
"type": "object"
}
CreateRemoteDirectoryProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties"
},
"id": "CreateRemoteDirectoryProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"preserve_file_properties": {
"default": true,
"required": false,
"title": "Preserve file properties flag",
"type": "boolean"
},
"protocol": {
"$ref": "SftpProtocol",
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
Criterion (type)
{
"additionalProperties": false,
"description": "Event Criterion is the logical evaluations by which the event may be deemed fulfilled. All the evaluations must be met in order for the criterion to be met (implicit AND).",
"id": "Criterion",
"module_id": "PolicyReaction",
"properties": {
"evaluations": {
"description": "Criterion Evaluations.",
"items": {
"$ref": "Evaluation"
},
"minItems": 1,
"required": true,
"title": "Criterion Evaluations",
"type": "array"
}
},
"title": "Event Criterion",
"type": "object"
}
Crl (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "Crl",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"$ref": "X509Crl",
"description": "Details of the X509Crl object.",
"readonly": true,
"required": false
},
"details_revoked_by_issuer_and_serial_number": {
"items": {
"$ref": "IssuerSerialNumber"
},
"readonly": true,
"required": false,
"title": "Certificates revoked by issuer and serial number",
"type": "array"
},
"details_revoked_by_subject_and_public_key_hash": {
"items": {
"$ref": "SubjectPublicKeyHash"
},
"readonly": true,
"required": false,
"title": "Certificates revoked by subject and public key hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlDistributionPoint (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "Do not use. This is currently unused functionality that will be removed.",
"extends": {
"$ref": "ManagedResource"
},
"id": "CrlDistributionPoint",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"issuer": {
"description": "Issuer of the CRL, referring to the CA.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Issuer",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlDistributionPointList (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "Do not use. This is currently unused functionality that will be removed.",
"extends": {
"$ref": "ListResult"
},
"id": "CrlDistributionPointList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CrlDistributionPoint list.",
"items": {
"$ref": "CrlDistributionPoint"
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CrlDistributionPoint query result",
"type": "object"
}
CrlDistributionPointStatus (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "Do not use. This is currently unused functionality that will be removed.",
"id": "CrlDistributionPointStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when fetching the CRL failed.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CdpStatusType",
"description": "Status of the fetched CRL for this CrlDistributionPoint",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CrlList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CRL list.",
"items": {
"$ref": "Crl"
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Crl queries result",
"type": "object"
}
CrlObjectData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "CrlObjectData",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlPemRequestType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "Do not use. This is currently unused functionality that will be removed.",
"id": "CrlPemRequestType",
"module_id": "CertificateManager",
"properties": {
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
}
},
"title": "Request Type to get a CRL's PEM file.",
"type": "object"
}
CrossSiteFlowInfo (type)
{
"description": "Represents details of the config flow between sites. Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "CrossSiteFlowInfo",
"module_id": "FederationObservability",
"properties": {
"from_site_id": {
"read_only": true,
"title": "Site id of the source",
"type": "string"
},
"from_site_path": {
"read_only": true,
"title": "Source site policy path",
"type": "string"
},
"full_sync_info": {
"$ref": "FullSyncInfo",
"read_only": true,
"title": "Full sync information for the flow"
},
"latency_measured_ts": {
"read_only": true,
"title": "Timestamp of latency measurement",
"type": "integer"
},
"latency_millis": {
"read_only": true,
"title": "Latency from source to destination site in milli seconds",
"type": "integer"
},
"leader_node_id": {
"read_only": true,
"title": "Local leader node id sharded for this remote site.",
"type": "string"
},
"status": {
"enum": [
"GOOD",
"DISCONNECTED",
"RECOVERY",
"ERROR",
"UNKNOWN",
"NOT_READY"
],
"read_only": true,
"title": "Overall status of the flow",
"type": "string"
},
"to_site_id": {
"read_only": true,
"title": "Site id of the destination",
"type": "string"
},
"to_site_path": {
"read_only": true,
"title": "Destination site policy path",
"type": "string"
}
},
"title": "Information about config flow in federation",
"type": "object"
}
CryptoAlgorithm (type)
{
"additionalProperties": false,
"id": "CryptoAlgorithm",
"module_id": "CertificateManager",
"properties": {
"key_size": {
"description": "Supported key sizes for the algorithm.",
"items": {
"$ref": "KeySize"
},
"readonly": true,
"required": true,
"type": "array"
},
"name": {
"description": "Crypto algorithm name.",
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
CryptoEnforcement (type)
{
"additionalProperties": false,
"description": "If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated.",
"enum": [
"ENFORCE",
"TRANSPARENT"
],
"help_summary": "Use of 'ENFORCE' will terminate connection if TLS protocol Client/Server Hello has\nnone of the permitted TLS versions or ciphers.\nUse of 'TRANSPARENT' will let client's and server's own choices use for TLS\nversions and ciphers to successfully intercept the connection.\n",
"id": "CryptoEnforcement",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "Action for crypto enforcement",
"type": "string"
}
CspConfig (type)
{
"description": "Extra OIDC configuration relevant only for CSP endpoints.",
"id": "CspConfig",
"module_id": "CertificateManager",
"properties": {
"additional_org_ids": {
"description": "A list of organization IDs. CSP tokens must be associated with one of these organizations, or the customer_org_id, in order to be considered valid.",
"items": {
"type": "string"
},
"title": "Additional orginzation IDs",
"type": "array"
},
"customer_org_id": {
"descrpition": "The ID of the customer organization.",
"title": "Customer organization ID",
"type": "string"
}
},
"title": "CSP authentication configuration",
"type": "object"
}
Csr (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "Csr",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions",
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal",
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CsrExtensions (type)
{
"additionalProperties": false,
"id": "CsrExtensions",
"module_id": "CertificateManager",
"properties": {
"subject_alt_names": {
"$ref": "SubjectAltNames",
"description": "Subject alternative names of the CSR",
"readonly": true,
"required": false,
"title": "Subject alternative names"
}
},
"title": "Collection of various x509 v3 extensions to be added to a CSR",
"type": "object"
}
CsrList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "CsrList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CSR list.",
"items": {
"$ref": "Csr"
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Csr queries result",
"type": "object"
}
CsrWithDaysValid (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Csr"
},
"id": "CsrWithDaysValid",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"days_valid": {
"default": 825,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions",
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal",
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "CSR data with days valid",
"type": "object"
}
CsvListResult (type)
{
"abstract": true,
"description": "Base type for CSV result.",
"id": "CsvListResult",
"module_id": "CsvTypes",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
}
},
"type": "object"
}
CsvRecord (type)
{
"abstract": true,
"description": "Base type for CSV records.",
"id": "CsvRecord",
"module_id": "CsvTypes",
"type": "object"
}
CurrentBackupOperationStatus (type)
{
"additionalProperties": false,
"id": "CurrentBackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": false,
"title": "Unique identifier of current backup",
"type": "string"
},
"current_step": {
"enum": [
"BACKUP_CREATING_CLUSTER_BACKUP",
"BACKUP_CREATING_NODE_BACKUP"
],
"required": false,
"title": "Current step of operation",
"type": "string"
},
"current_step_message": {
"required": false,
"title": "Additional human-readable status information about current step",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "Time when operation is expected to end"
},
"operation_type": {
"enum": [
"NONE",
"BACKUP"
],
"required": false,
"title": "Type of operation that is in progress. Returns none if no operation is in progress, in which case\nnone of the other fields will be set.\n",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "Time when operation was started"
}
},
"title": "Current backup operation status",
"type": "object"
}
CurrentRealizationStateBarrier (type)
{
"description": "The current global barrier number of the realized state",
"id": "CurrentRealizationStateBarrier",
"module_id": "RealizationStateBarrier",
"properties": {
"current_barrier_number": {
"description": "Gives the current global barrier number for NSX",
"readonly": true,
"required": true,
"type": "integer"
}
},
"type": "object"
}
CustomAttributeAction (type)
{
"additionalProperties": false,
"description": "Request Parameter which specify action to either add or remove the custom values.",
"id": "CustomAttributeAction",
"module_id": "PolicyContextProfile",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove Custom Context Profile Attribute values.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove Custom Context Profile Attribute values.",
"type": "string"
}
},
"title": "Request Parameters for Custom Context Profile Attributes",
"type": "object"
}
CustomFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom filter widget. For this widget the data source is not applicable. It defines ui identifer for filter UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "FilterWidgetConfiguration"
},
"id": "CustomFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined filter component selector to be rendered inside view/container.",
"required": true,
"title": "UI identifier for filter component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom Filter widget Configuration",
"type": "object"
}
CustomSignatureModification (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CustomSignatureModification",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"overridden_signature": {
"$ref": "OverriddenSignature",
"description": "Overridden custom signature.",
"required": false,
"title": "overridden custom signature"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"raw_signature": {
"description": "IDS raw signature.",
"required": false,
"title": "IDS raw signature",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "IDS custom signature ID.",
"required": true,
"title": "IDS custom signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
CustomSignatureValidationPayload (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "CustomSignatureValidationPayload",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deleted_signatures": {
"description": "List of deleted custom signature paths. Paths should be of type IdsCustomSignaturePreview. As the Validate action is only supported on Preview Signatures.",
"items": {
"type": "string"
},
"required": false,
"title": "List of deleted custom signature paths",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"modified_signatures": {
"description": "IDS custom signature modification collection.",
"items": {
"$ref": "CustomSignatureModification"
},
"required": false,
"title": "IDS custom signature modification collection",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"revert_overridden_signatures": {
"description": "List of custom signature ids that need to be reverted to default action/state.",
"items": {
"type": "string"
},
"required": false,
"title": "List of custom signature ids that need to be reverted to default action/state",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
CustomWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom widget. For this widget the data source is not applicable. It defines ui identifer to identify UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "CustomWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined component selector to be rendered inside view/container.",
"title": "UI identifier for component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom widget Configuration",
"type": "object"
}
CvxConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a CVX type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo"
},
"id": "CvxConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "CvxConnectionInfo"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
}
},
"title": "CVX Connection Info",
"type": "object"
}
DADMode (type)
{
"additionalProperties": false,
"description": "Duplicate address detection modes.",
"enum": [
"LOOSE",
"STRICT"
],
"id": "DADMode",
"module_id": "Routing",
"title": "DAD Mode",
"type": "string"
}
DADProfile (type)
{
"additionalProperties": false,
"description": "Duplicate address detection profile.",
"extends": {
"$ref": "ManagedResource"
},
"id": "DADProfile",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"dad_mode": {
"$ref": "DADMode",
"default": "LOOSE",
"required": false,
"title": "DAD Mode"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ns_retries": {
"default": 3,
"description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.",
"maximum": 10,
"minimum": 0,
"required": false,
"title": "NS retries count",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"wait_time": {
"default": 1,
"description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.",
"maximum": 60,
"minimum": 0,
"required": false,
"title": "Wait time",
"type": "integer"
}
},
"type": "object"
}
DADProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DADProfileListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DADProfile"
},
"required": true,
"title": "Paginated list of DADProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DADStatus (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status for IP address on port.",
"enum": [
"DUPLICATED",
"TENTATIVE",
"ASSIGNED",
"NOT_APPLICABLE",
"UNKNOWN"
],
"id": "DADStatus",
"module_id": "LogicalRouterPorts",
"title": "DAD Status",
"type": "string"
}
DHGroup (type)
{
"additionalProperties": false,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit random Elliptic Curve (ECP) group. GROUP20 uses 384-bit random ECP group. GROUP21 uses 521-bit random ECP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16",
"GROUP19",
"GROUP20",
"GROUP21"
],
"id": "DHGroup",
"module_id": "IPSecVPN",
"title": "Diffie-Hellman groups",
"type": "string"
}
DNSForwarderStatisticsPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder statistics per enforcement point.",
"id": "DNSForwarderStatisticsPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the statistics are fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatistics"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder statistics per enforcement point",
"type": "object"
}
DNSForwarderStatusPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder status per enforcement point.",
"id": "DNSForwarderStatusPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the status is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatus"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder status per enforcement point",
"type": "object"
}
DSAppliedToType (type)
{
"enum": [
"NSGroup",
"LogicalSwitch",
"LogicalRouter",
"LogicalPort"
],
"id": "DSAppliedToType",
"module_id": "DistributedServices",
"title": "Resource type valid for use as AppliedTo filter in section API",
"type": "string"
}
DSExcludeList (type)
{
"abstract": true,
"description": "List of entities excluded for enforcing a service or a feature.",
"extends": {
"$ref": "ManagedResource"
},
"id": "DSExcludeList",
"module_id": "DistributedServices",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"description": "Total number of members present in Exclude List.",
"readonly": true,
"required": false,
"title": "Total Member Count",
"type": "integer"
},
"members": {
"description": "List of members in Exclusion List",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "Member list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Exclusion List",
"type": "object"
}
DSInsertParameters (type)
{
"abstract": true,
"id": "DSInsertParameters",
"module_id": "DistributedServices",
"properties": {
"id": {
"maxLength": 64,
"required": false,
"title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.",
"type": "object"
}
DSListRequestParameters (type)
{
"abstract": true,
"description": "Pagination and Filtering parameters to get only a subset of sections/rules.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DSListRequestParameters",
"module_id": "DistributedServices",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
}
},
"title": "Parameters to filter list of sections/rules.",
"type": "object"
}
DSRule (type)
{
"abstract": true,
"extends": {
"$ref": "EmbeddedResource"
},
"id": "DSRule",
"module_id": "DistributedServices",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink",
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"action": {
"description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"REDIRECT",
"DO_NOT_REDIRECT",
"DETECT",
"ALLOW_CONTINUE",
"DETECT_PREVENT"
],
"readonly": false,
"required": true,
"title": "Action",
"type": "string"
},
"applied_tos": {
"description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Destination List",
"type": "array"
},
"destinations_excluded": {
"default": false,
"description": "Negation of the destination.",
"readonly": false,
"required": false,
"title": "Negation of destination",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": false,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": false,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"ip_protocol": {
"default": "IPV4_IPV6",
"description": "Type of IP packet that should be matched while enforcing the rule.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "Flag to indicate whether rule is default.",
"readonly": true,
"required": false,
"title": "Default rule",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"notes": {
"description": "User notes specific to the rule.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Notes",
"type": "string"
},
"priority": {
"description": "Priority of the rule.",
"readonly": true,
"required": false,
"title": "Rule priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"readonly": false,
"required": false,
"title": "Tag",
"type": "string"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Source List",
"type": "array"
},
"sources_excluded": {
"default": false,
"description": "Negation of the source.",
"readonly": false,
"required": false,
"title": "Negation of source",
"type": "boolean"
}
},
"type": "object"
}
DSRuleState (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Rule Realization State",
"extends": {
"$ref": "ConfigurationState"
},
"id": "DSRuleState",
"module_id": "DistributedServices",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"revision_desired": {
"description": "This attribute represents revision number of rule's desired state.",
"readonly": true,
"required": false,
"title": "Desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Rule Realization State",
"type": "object"
}
DSSection (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "DSSection",
"module_id": "DistributedServices",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DSSectionListResult (type)
{
"abstract": true,
"extends": {
"$ref": "ListResult"
},
"id": "DSSectionListResult",
"module_id": "DistributedServices",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DSSectionQueryParameters (type)
{
"abstract": true,
"id": "DSSectionQueryParameters",
"module_id": "DistributedServices",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete of this object to all it's child objects.",
"type": "boolean"
}
},
"title": "Section query parameters",
"type": "object"
}
DSSectionState (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Section Realization Status",
"extends": {
"$ref": "ConfigurationState"
},
"id": "DSSectionState",
"module_id": "DistributedServices",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"revision_desired": {
"description": "This attribute represents revision number of section's desired state.",
"readonly": true,
"required": false,
"title": "Section's desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Section Realization State",
"type": "object"
}
DSService (type)
{
"abstract": true,
"extends": {
"$ref": "ResourceReference"
},
"id": "DSService",
"module_id": "DistributedServices",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"service": {
"$ref": "NSServiceElement",
"description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.",
"readonly": false,
"required": false,
"title": "Distributed Service Network and Security Service element"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
DailyTelemetrySchedule (type)
{
"extends": {
"$ref": "TelemetrySchedule"
},
"id": "DailyTelemetrySchedule",
"module_id": "TelemetryConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DailyTelemetrySchedule"
},
"properties": {
"frequency_type": {
"description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.",
"required": true,
"title": "Frequency at which data will be collected",
"type": "string"
},
"hour_of_day": {
"description": "Hour at which data will be collected. Specify a value between 0 through 23.",
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Hour at which data will be collected",
"type": "integer"
},
"minutes": {
"default": 0,
"description": "Minute at which data will be collected. Specify a value between 0 through 59.",
"maximum": 59,
"minimum": 0,
"required": false,
"title": "Minute at which data will be collected",
"type": "integer"
}
},
"type": "object"
}
DashboardSummaryListRequestQueryParameters (type)
{
"description": "Represents the query parameters, such as the tenancy context and the pagination properties, that the dashboard APIs (ids-summary, affected-vms) accept.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DashboardSummaryListRequestQueryParameters",
"module_id": "PolicyIDSMetrics",
"properties": {
"context": {
"$ref": "TenancyContextQueryParameter"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"$ref": "EnforcementPointPathQueryParameter"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Query parameters passed to the dashboard APIs",
"type": "object"
}
DataCounter (type)
{
"id": "DataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"dropped": {
"required": false,
"title": "The dropped packets or bytes",
"type": "integer"
},
"multicast_broadcast": {
"required": false,
"title": "The multicast and broadcast packets or bytes",
"type": "integer"
},
"total": {
"required": true,
"title": "The total packets or bytes",
"type": "integer"
}
},
"type": "object"
}
DataPathL3 (type)
{
"id": "DataPathL3",
"module_id": "ObservabilityCounters",
"properties": {
"arp_hold_pkt_drops": {
"description": "The drops of packet(IPv4) pending on ARP resolution.",
"required": false,
"type": "integer"
},
"drop_route_ipv4_drops": {
"description": "Packet(IPv4) matching drop routes.",
"required": false,
"type": "integer"
},
"drop_route_ipv6_drops": {
"description": "Packet(IPv6) matching drop routes.",
"required": false,
"type": "integer"
},
"dtgw_ext_vlan_uplink_arp_fail": {
"description": "dtgw ext vlan uplink arp fail",
"required": false,
"type": "integer"
},
"no_route_ipv4_drops": {
"description": "No IPv4 routes.",
"required": false,
"type": "integer"
},
"no_route_ipv6_drops": {
"description": "No IPv6 routes.",
"required": false,
"type": "integer"
},
"ns_hold_pkt_drops": {
"description": "The drops of packet(IPv6) pending on neighbor resolution.",
"required": false,
"type": "integer"
},
"pkt_attr_error_drops": {
"description": "Packets which failed attribute operation.",
"required": false,
"type": "integer"
},
"rpf_ipv4_drops": {
"description": "Reverse path forwarding drops of packet(IPv4).",
"required": false,
"type": "integer"
},
"rpf_ipv6_drops": {
"description": "Reverse path forwarding drops of packet(IPv6).",
"required": false,
"type": "integer"
},
"rx_pkt_parsing_error_drops": {
"description": "Packets failed to be parsed.",
"required": false,
"type": "integer"
},
"ttl_ipv4_drops": {
"description": "Packet(IPv4) drops due to low TTL.",
"required": false,
"type": "integer"
},
"ttl_ipv6_drops": {
"description": "Packet(IPv6) drops due to low TTL.",
"required": false,
"type": "integer"
},
"tx_dispatch_queue_too_long_drops": {
"description": "Packets being tail dropped in the txDispatchQueue.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DataSourceParameters (type)
{
"id": "DataSourceParameters",
"module_id": "Types",
"properties": {
"source": {
"$ref": "DataSourceType",
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
DataSourceType (type)
{
"enum": [
"realtime",
"cached"
],
"id": "DataSourceType",
"module_id": "Types",
"title": "Data source type.",
"type": "string"
}
DataTypeCollectionConfiguration (type)
{
"id": "DataTypeCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"collection_frequency": {
"description": "The frequency in seconds at which data is collected",
"maximum": 86400,
"minimum": 15,
"required": true,
"title": "Data Collection Frequency In Seconds",
"type": "integer"
},
"data_type": {
"description": "Defines the type of data being collected",
"enum": [
"STATUS",
"STATISTICS"
],
"required": true,
"title": "Data type",
"type": "string"
}
},
"title": "Data type collection configuration",
"type": "object"
}
DatapathCounterResult (type)
{
"description": "The datapath counter result.",
"id": "DatapathCounterResult",
"module_id": "LiveTrace",
"properties": {
"module_counters": {
"description": "The data of the datapath module counters.",
"items": {
"$ref": "DatapathModuleCounter"
},
"readonly": true,
"required": true,
"title": "The counters of the datapath module",
"type": "array"
},
"module_name": {
"description": "The name of the datapath module (e.g., VDL2, VDR).",
"readonly": true,
"required": true,
"title": "The name of the datapath module",
"type": "string"
}
},
"title": "Datapath counter result",
"type": "object"
}
DatapathModuleCounter (type)
{
"description": "The counter of the datapath module.",
"id": "DatapathModuleCounter",
"module_id": "LiveTrace",
"properties": {
"counter_name": {
"description": "The name of the counter.",
"readonly": true,
"required": true,
"title": "The name of the counter",
"type": "string"
},
"counter_value": {
"description": "The value of the counter.",
"readonly": true,
"required": true,
"title": "The value of the counter",
"type": "integer"
}
},
"title": "The counter of the datapath module",
"type": "object"
}
DatapathPacketDrops (type)
{
"id": "DatapathPacketDrops",
"module_id": "ObservabilityCounters",
"properties": {
"broadcast_rate_limiting_packet_drops": {
"description": "Drops due to broadcast rate limiting.",
"required": false,
"type": "integer"
},
"fastpath_packet_drops": {
"description": "Drops by the Fastpath.",
"required": false,
"type": "integer"
},
"firewall_flood_limit_packet_drops": {
"description": "Firewall flood limit drops.",
"required": false,
"type": "integer"
},
"firewall_internal_error_packet_drops": {
"description": "Drops due to Firewall detected internal error.",
"required": false,
"type": "integer"
},
"firewall_malformed_packet_drops": {
"description": "Drop due to Firewall detected malformed packet.",
"required": false,
"type": "integer"
},
"firewall_packet_rejects": {
"description": "Drops due to Firewall packet rejects.",
"required": false,
"type": "integer"
},
"firewall_rule_received_packet_drops": {
"description": "Firewall rule drops at RX.",
"required": false,
"type": "integer"
},
"firewall_rule_transmitted_packet_drops": {
"description": "Firewall rule drops at TX.",
"required": false,
"type": "integer"
},
"firewall_state_check_packet_drops": {
"description": "Firewall state check drops.",
"required": false,
"type": "integer"
},
"firewall_state_table_full_packet_drops": {
"description": "Drops due to Firewall state table full.",
"required": false,
"type": "integer"
},
"firewall_total_packet_drops": {
"description": "Firewall total packet drops.",
"required": false,
"type": "integer"
},
"hostswitch_network_mismatch_packet_drops": {
"description": "RX Drops at vswitch due to network mismatch.",
"required": false,
"type": "integer"
},
"hostswitch_received_forged_mac_packet_drops": {
"description": "RX drops at vswtich due to forged mac.",
"required": false,
"type": "integer"
},
"l3_hop_limit_packet_drops": {
"description": "L3 Drops due to hop limit (TTL).",
"required": false,
"type": "integer"
},
"l3_neighbor_unreachable_packet_drops": {
"description": "L3 Drops due to unreachable neighbor.",
"required": false,
"type": "integer"
},
"l3_no_route_packet_drops": {
"description": "L3 Drops due to no route.",
"required": false,
"type": "integer"
},
"l3_reverse_path_forwarding_packet_drops": {
"description": "L3 drops due to reverse path forwarding.",
"required": false,
"type": "integer"
},
"overlay_received_packet_drops": {
"description": "Overlay RX drops.",
"required": false,
"type": "integer"
},
"overlay_transmitted_packet_drops": {
"description": "Overlay TX drops.",
"required": false,
"type": "integer"
},
"overlay_uplink_received_packet_drops": {
"description": "Overlay uplink RX drops.",
"required": false,
"type": "integer"
},
"overlay_uplink_transmitted_packet_drops": {
"description": "Overlay uplink TX drops.",
"required": false,
"type": "integer"
},
"packet_parsing_error_drops": {
"description": "Drops due to parsing errors.",
"required": false,
"type": "integer"
},
"spoof_guard_packet_drops": {
"description": "Drops due to spoofguard.",
"required": false,
"type": "integer"
},
"workload_bpdu_filter_packet_drops": {
"description": "Drops due to BPDU filtering.",
"required": false,
"type": "integer"
},
"workload_dhcp_not_allowed_packet_drops": {
"description": "Drops due to workload DHCP not allowed.",
"required": false,
"type": "integer"
},
"workload_ipv6_ra_guard_packet_drops": {
"description": "Drops due to workload ipv6 router advertisement guard.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DatapathStatsActionArgument (type)
{
"id": "DatapathStatsActionArgument",
"module_id": "LiveTrace",
"properties": {
"datapath_stats_type": {
"description": "Type of datapath statistics action. UNI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port. BI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port and the destination logical port, respectively.",
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"readonly": true,
"required": true,
"title": "Type of datapath statistics action",
"type": "string"
},
"dest_lport": {
"description": "It is required only when the type of datapath statistics action is bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional datapath statistics action",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData",
"description": "It takes effect only when the type of datapath statistics action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
}
},
"type": "object"
}
DatapathStatsActionConfig (type)
{
"id": "DatapathStatsActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "DatapathStatsActionArgument",
"description": "Action argument for datapath statistics.",
"readonly": true,
"required": true,
"title": "Action argument for datapath statistics"
},
"sampling_argument": {
"$ref": "SamplingArgument",
"description": "Only first-N sampling is supported and the maximum sampling number is 65535.",
"readonly": true,
"required": false,
"title": "Sample argument for datapath statistics"
}
},
"type": "object"
}
DatapathStatsResult (type)
{
"description": "The datapath statistics action result.",
"id": "DatapathStatsResult",
"module_id": "LiveTrace",
"properties": {
"direction": {
"enum": [
"FORWARD",
"REVERSE"
],
"readonly": true,
"required": false,
"title": "Direction of datapath statistics action result",
"type": "string"
},
"transport_node_datapath_stats": {
"description": "The datapath statistics for transport nodes.",
"items": {
"$ref": "TransportNodeDatapathStats"
},
"readonly": true,
"required": false,
"title": "Datapath statistics for transport nodes",
"type": "array"
}
},
"title": "Datapath statistics action result",
"type": "object"
}
Datasource (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "Datasource",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"display_name": {
"description": "Name of a datasource instance.",
"maxLength": 255,
"required": true,
"title": "Datasource instance's display name",
"type": "string"
},
"keystore_info": {
"$ref": "KeyStoreInfo",
"description": "Key Store information for all the url aliases defined in datasource. Use this property if key store information is same for each url aliases in the datasource.",
"title": "Key Store Info"
},
"urls": {
"description": "Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance.",
"items": {
"$ref": "UrlAlias"
},
"required": true,
"title": "Array of relative urls and their aliases",
"type": "array"
}
},
"title": "Datasource Instance",
"type": "object"
}
DatetimeUTC (type)
{
"description": "Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'",
"id": "DatetimeUTC",
"title": "Datetime string in UTC",
"type": "string"
}
DecryptionFailAction (type)
{
"additionalProperties": false,
"description": "Action to take when TLS handshake fails.",
"enum": [
"BLOCK",
"BYPASS"
],
"help_summary": "Use of 'BLOCK' will terminate subsequent connections.\nUse of 'BYPASS' will remember handshake failure and not intercept subsequent.\nconnections.\n",
"id": "DecryptionFailAction",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "TLS handshake fail action",
"type": "string"
}
DedicatedResources (type)
{
"additionalProperties": false,
"description": "To assign dedicated resources from default project to custom project for logging. Resources dedicated to this project for logging cannot be dedicated to other projects.",
"id": "DedicatedResources",
"module_id": "PolicyProject",
"properties": {
"tier_0s": {
"description": "Logs for Tier0s mentioned will have this project's context. Tier0s mentioned under dedicated_resources should also be part of tier0s under project payload.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of Tier0s paths dedicated to this Project for logging.",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_TIER0_DEDICATED_RESOURCES_RELATIONSHIP",
"rightType": [
"Tier0"
]
}
]
}
},
"title": "Dedicated Resources to Project for Logging",
"type": "object"
}
DefaultFilterValue (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "DefaultFilterValue",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Filter alias.",
"required": true,
"title": "Filter alias",
"type": "string"
},
"value": {
"description": "Filter default value.",
"required": true,
"title": "Filter default value",
"type": "string"
}
},
"title": "Default filter values",
"type": "object"
}
DeleteMigrationDataFileSpec (type)
{
"additionalProperties": false,
"id": "DeleteMigrationDataFileSpec",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file_type": {
"enum": [
"VRA_INPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING"
],
"readonly": false,
"required": true,
"title": "Type of the Migration data file that needs to be deleted.",
"type": "string"
}
},
"type": "object"
}
DeleteRemoteDirectoryProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties"
},
"id": "DeleteRemoteDirectoryProperties",
"properties": {
"directory_path": {
"description": "Directory Path which needs to be retained",
"required": false,
"title": "Directory Path",
"type": "string"
},
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"preserve_file_properties": {
"default": true,
"required": false,
"title": "Preserve file properties flag",
"type": "boolean"
},
"protocol": {
"$ref": "SftpProtocol",
"description": "Protocol to use to delete directory",
"required": true,
"title": "Protocol to use to delete directory"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
DeleteRequestParameters (type)
{
"additionalProperties": {},
"id": "DeleteRequestParameters",
"module_id": "Common",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Parameters that affect how delete operations are processed",
"type": "object"
}
DependentServices (type)
{
"additionalProperties": false,
"id": "DependentServices",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"dependent_services": {
"description": "List of firewall dependent services.",
"items": {
"type": "string"
},
"title": "List of firewall dependent services",
"type": "array"
}
},
"type": "object"
}
DeploymentChecksAction (type)
{
"additionalProperties": false,
"description": "Pre/Post deployment checks.",
"id": "DeploymentChecksAction",
"module_id": "PolicyCloudNative",
"properties": {
"action": {
"description": "Run pre/post deployment checks. PRE_CHECKS - Run pre-check before deployment. POST_CHECKS - Run post-check after deployment. ABORT_CHECKS - Abort running pre/post deployement checks.",
"enum": [
"PRE_CHECKS",
"POST_CHECKS",
"ABORT_CHECKS"
],
"required": true,
"title": "Pre/post deployment checks",
"type": "string"
}
},
"title": "Deployment checks",
"type": "object"
}
DeploymentChecksExecutionRequired (type)
{
"additionalProperties": false,
"description": "Request for pre/post checks execution required or not.",
"id": "DeploymentChecksExecutionRequired",
"module_id": "PolicyCloudNative",
"properties": {
"form_factor": {
"$ref": "FormFactorType",
"description": "Form factor in use for deployment.",
"required": true,
"title": "Deployment form factor"
}
},
"title": "Request for pre/post checks execution required or not",
"type": "object"
}
DeploymentChecksExecutionRequiredResult (type)
{
"additionalProperties": false,
"description": "Result for pre/post checks execution required or not.",
"id": "DeploymentChecksExecutionRequiredResult",
"module_id": "PolicyCloudNative",
"properties": {
"is_required": {
"default": true,
"description": "Flag for pre/post checks execution required or not.",
"title": "Flag for pre/post checks required",
"type": "boolean"
}
},
"title": "Result for pre/post checks execution required or not",
"type": "object"
}
DeploymentChecksStatus (type)
{
"additionalProperties": false,
"description": "Pre/Post deployment status.",
"id": "DeploymentChecksStatus",
"module_id": "PolicyCloudNative",
"properties": {
"description": {
"description": "Show more information about pre/post check performed.",
"title": "More detail about check",
"type": "string"
},
"name": {
"title": "Name of pre/post check",
"type": "string"
},
"reason": {
"description": "Reason for failure of pre/post check. Otherwise empty.",
"title": "Reason in case of pre/post check failure",
"type": "string"
},
"status": {
"description": "Status pre/post check. SUCCESS - Successfully completed pre/post check. FAILED - Failed pre/post check. WARNING - Warning in pre/post check. SKIPPED - Pre/post check skipped. IN_PROGRESS - Pre/post check in progress. STOPPING - Stopping pre/post check. STOPPED - Pre/post check stopped. NOT_STARTED - Pre/post check not started",
"enum": [
"SUCCESS",
"FAILED",
"WARNING",
"SKIPPED",
"IN_PROGRESS",
"STOPPING",
"STOPPED",
"NOT_STARTED"
],
"title": "Status of pre/post checks",
"type": "string"
}
},
"title": "Pre/Post deployment status",
"type": "object"
}
DeploymentChecksStatusResult (type)
{
"additionalProperties": false,
"description": "List of pre/post checks status.",
"id": "DeploymentChecksStatusResult",
"module_id": "PolicyCloudNative",
"properties": {
"results": {
"description": "Array of pre/post deployment checks.",
"items": {
"$ref": "DeploymentChecksStatus"
},
"title": "Array of pre/post deployment checks",
"type": "array"
}
},
"title": "Status of pre/post checks",
"type": "object"
}
DeploymentConfig (type)
{
"additionalProperties": false,
"id": "DeploymentConfig",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"enum": [
"VsphereDeploymentConfig"
],
"required": true,
"type": "string"
}
},
"type": "object"
}
DeploymentProgressStatus (type)
{
"additionalProperties": false,
"description": "Progress status of deployment.",
"id": "DeploymentProgressStatus",
"module_id": "PolicyCloudNative",
"properties": {
"error_message": {
"description": "Errors during deployment.",
"items": {
"type": "string"
},
"title": "Error message",
"type": "array"
},
"overall_status": {
"description": "Progress status of deployment. DEPLOYMENT_IN_PROGRESS - Deployment in progress. UNDEPLOYMENT_IN_PROGRESS - Undeployment in progress. UPGRADE_IN_PROGRESS - Upgrade in progress. UPDATE_IN_PROGRESS - Update in progress. DEPLOYMENT_QUEUED - Deployment queued. UNDEPLOYMENT_QUEUED - Undeployment queued. UPDATE_QUEUED - Update queued. DEPLOYMENT_SUCCESSFUL - Deployment successful. UNDEPLOYMENT_SUCCESSFUL - Undeployment successful. UPGRADE_SUCCESSFUL - Upgrade successful. UPDATE_SUCCESSFUL - Update successful. DEPLOYMENT_FAILED - Deployment failed. UNDEPLOYMENT_FAILED - Undeployment failed. UPGRADE_FAILED - Upgrade failed. UPDATE_FAILED - Update failed. NOT_DEPLOYED - Deployment pending.",
"enum": [
"DEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_IN_PROGRESS",
"UPGRADE_IN_PROGRESS",
"UPDATE_IN_PROGRESS",
"DEPLOYMENT_QUEUED",
"UNDEPLOYMENT_QUEUED",
"UPDATE_QUEUED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_SUCCESSFUL",
"UPDATE_SUCCESSFUL",
"DEPLOYMENT_FAILED",
"UNDEPLOYMENT_FAILED",
"UPGRADE_FAILED",
"UPDATE_FAILED",
"NOT_DEPLOYED"
],
"required": true,
"title": "Progress status of deployment",
"type": "string"
},
"percentage": {
"description": "Percentage completed for deployment.",
"title": "Percentage completed",
"type": "integer"
},
"progress_message": {
"description": "More information about progress.",
"title": "Progress message",
"type": "string"
}
},
"title": "Progress status of deployment/undeployment/upgrade",
"type": "object"
}
DeploymentRegistry (type)
{
"additionalProperties": false,
"description": "Template for storing docker registry and helm url.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DeploymentRegistry",
"module_id": "PolicyCloudNative",
"policy_hierarchical_children": [
"ChildDeploymentRegistry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Helm repo certificate to access locally hosted helm repository",
"required": false,
"title": "Private CA or Self Signed Certificate ID.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"docker_registry": {
"description": "Docker registry url to access docker images.",
"required": true,
"title": "Docker registry url",
"type": "string"
},
"helm_repo": {
"description": "Helm repo url to access helm charts.",
"required": true,
"title": "Helm repo url",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NSX Application Platform registry template",
"type": "object"
}
DeploymentSpecName (type)
{
"description": "Used to provide the deployment spec for Upgrade.",
"id": "DeploymentSpecName",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"deployment_spec_name": {
"description": "This indicates the deployment spec.",
"readonly": true,
"required": true,
"title": "Deployment Spec Name",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC.",
"readonly": true,
"required": false,
"title": "Storage Id",
"type": "string"
}
},
"title": "Deployment spec to be used in upgrade",
"type": "object"
}
DeploymentTemplate (type)
{
"description": "Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX.",
"id": "DeploymentTemplate",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager.",
"items": {
"$ref": "Attribute"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Deployment Template attributes",
"type": "array"
},
"name": {
"description": "Deployment Template name.",
"readonly": false,
"required": false,
"title": "name",
"type": "string"
}
},
"title": "Service Deployment Template",
"type": "object"
}
DeploymentVersionSpec (type)
{
"additionalProperties": false,
"description": "Deployment version with chart name",
"id": "DeploymentVersionSpec",
"module_id": "PolicyCloudNative",
"properties": {
"chart_name": {
"description": "Deployment chart name.",
"title": "Chart name",
"type": "string"
},
"versions": {
"description": "List of deployment versions.",
"title": "Deployment versions",
"type": "string"
}
},
"title": "Deployment version",
"type": "object"
}
DeploymentVersions (type)
{
"additionalProperties": false,
"description": "Different NSX Application Platform deployment versions.",
"id": "DeploymentVersions",
"module_id": "PolicyCloudNative",
"properties": {
"versions": {
"description": "List of deployment versions.",
"items": {
"$ref": "DeploymentVersionSpec"
},
"title": "Deployment versions",
"type": "array"
}
},
"title": "List of deployment versions",
"type": "object"
}
DeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Logical grouping of enforcement points. This is a deprecated type. DeploymentZone has been renamed to Site. Use Site.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildEnforcementPoint"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_points": {
"items": {
"$ref": "EnforcementPoint"
},
"required": false,
"title": "Logical grouping of enforcement points",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Deployment zone",
"type": "object"
}
DeploymentZoneListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DeploymentZone list request parameters. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListRequestParameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DeploymentZoneListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DeploymentZone list request parameters",
"type": "object"
}
DeploymentZoneListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Paged Collection of Deployment Zones. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListResult.",
"extends": {
"$ref": "ListResult"
},
"id": "DeploymentZoneListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DeploymentZone"
},
"required": true,
"title": "Deployment Zones",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Deployment Zones",
"type": "object"
}
DestinationNsxApiEndpoint (type)
{
"additionalProperties": false,
"description": "Details about the destination NSX manager for the migration",
"id": "DestinationNsxApiEndpoint",
"module_id": "Migration",
"properties": {
"destination_nsx_ip": {
"description": "IP address or host name of the destination NSX manager to which the config will be migrated.",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "Destination NSX IP ddress or host name",
"type": "string"
},
"destination_nsx_password": {
"description": "Valid password for connecting to the destination NSX manager.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Password for destination NSX manager",
"type": "secure_string"
},
"destination_nsx_port": {
"default": 443,
"description": "Destination NSX manager port that will be used to apply details.",
"readonly": false,
"required": false,
"title": "Destination NSX manager port",
"type": "int"
},
"destination_nsx_username": {
"description": "Valid username for connecting to the destination NSX manager.",
"readonly": false,
"required": false,
"title": "Username for destination NSX manager",
"type": "string"
}
},
"title": "Destination NSX manager details",
"type": "object"
}
DetachClusterParameters (type)
{
"id": "DetachClusterParameters",
"module_id": "ClusterBootManager",
"properties": {
"force": {
"enum": [
"true",
"false"
],
"type": "string"
},
"graceful-shutdown": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
},
"ignore-repository-ip-check": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
}
},
"type": "object"
}
DfwDropCounters (type)
{
"id": "DfwDropCounters",
"module_id": "AggSvcL2Types",
"properties": {
"rx_dropped": {
"description": "The number of received packets dropped by distributed firewall rules due to rule actions.",
"required": false,
"title": "Number of received packets dropped by firewall",
"type": "integer"
},
"tx_dropped": {
"description": "The number of sent packets dropped by distributed firewall rules due to rule actions.",
"required": false,
"title": "Number of sent packets dropped by firewall",
"type": "integer"
}
},
"type": "object"
}
DfwFirewallConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FirewallConfiguration"
},
"id": "DfwFirewallConfiguration",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildIdsSettings",
"ChildPolicyExcludeList"
],
"polymorphic-type-descriptor": {
"type-identifier": "DfwFirewallConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To deactivate auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft deactivate flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_macset_optimization_mode_enabled": {
"default": false,
"description": "MACSet optimization is turned on when this flag is set to true. By default it is set to false.",
"title": "Global MACSet Optimization Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idfw_enabled": {
"default": false,
"description": "If set to true, identity firewall is enabled.",
"title": "Identity firewall enable flag",
"type": "boolean"
},
"idfw_event_log_scraper_enabled": {
"default": false,
"description": "Enables event log scraping for Identity firewall.",
"title": "Enable event log scraping",
"type": "boolean"
},
"idfw_loginsight_enabled": {
"default": false,
"description": "If set to true, collection of login/logout events from Loginsight server is enabled.",
"title": "Enable Loginsight server for Identity Firewall",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DFW Firewall related configurations",
"type": "object"
}
DfwHeapMemoryUsage (type)
{
"additionalProperties": false,
"description": "Distributed Firewall heap memory utilization.",
"id": "DfwHeapMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"description": {
"description": "Description of the DFW module.",
"readonly": true,
"title": "Description of the DFW module",
"type": "string"
},
"ever_time": {
"description": "Time duration when last peak ever was observed for specific heap.",
"readonly": true,
"title": "Ever time for specific heap",
"type": "string"
},
"name": {
"description": "Name of the DFW heap on specified host.",
"readonly": true,
"title": "Name of the DFW module",
"type": "string"
},
"peak_ever": {
"description": "Number of times peak threshold reached for specific heap.",
"readonly": true,
"title": "Peak ever for specific heap",
"type": "number"
},
"total_mb": {
"description": "Total size of heap for the specified heap in mb units.",
"readonly": true,
"title": "Total size of heap for the specified heap in mb units",
"type": "integer"
},
"usage_pct": {
"description": "Percentage of heap utilized for specific heap.",
"readonly": true,
"title": "Percentage of heap utilized for specific heap",
"type": "number"
},
"used_mb": {
"description": "Utilized size of heap for the specified heap in mb units.",
"readonly": true,
"title": "Utilized size of heap for the specified heap in mb units",
"type": "integer"
}
},
"title": "DFW heap memory usage",
"type": "object"
}
DhGroup (type)
{
"additionalProperties": false,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16",
"GROUP19",
"GROUP20",
"GROUP21"
],
"id": "DhGroup",
"module_id": "PolicyVpnIPSecVpn",
"title": "Diffie-Hellman groups",
"type": "string"
}
DhcpConfig (type)
{
"description": "DHCP config. This dhcp configuration can be overriden per subnet.",
"id": "DhcpConfig",
"module_id": "PolicyVpc",
"properties": {
"dhcp_relay_config_path": {
"description": "Policy path of DHCP-relay-config. If configured then all the subnets will be configured with the DHCP relay server. If not specified, then the local DHCP server will be configured for all connected subnets.",
"required": false,
"title": "DHCP relay config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"dns_client_config": {
"$ref": "DnsClientConfig",
"description": "Dns configuration",
"required": false,
"title": "Dns client configuration"
},
"enable_dhcp": {
"description": "If activated, the DHCP server will be configured based on IP address type. If deactivated then neither DHCP server nor relay shall be configured.",
"required": false,
"title": "Activate or Deactivate DHCP",
"type": "boolean"
}
},
"title": "DHCP configuration",
"type": "object"
}
DhcpDeleteLeaseRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "DhcpDeleteLeaseRequestParameters",
"module_id": "Dhcp",
"properties": {
"ip": {
"$ref": "IPAddress",
"required": true
},
"mac": {
"$ref": "MACAddress",
"required": true
}
},
"type": "object"
}
DhcpDeleteLeases (type)
{
"additionalProperties": false,
"id": "DhcpDeleteLeases",
"module_id": "PolicyConnectivity",
"properties": {
"leases": {
"items": {
"$ref": "DhcpDeleteLeaseRequestParameters"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "List of DHCP leases",
"type": "array"
}
},
"title": "List of DHCP leases to be deleted",
"type": "object"
}
DhcpFilter (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpFilter",
"module_id": "SwitchSecuritySwitchingProfile",
"properties": {
"client_block_enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether DHCP client blocking is enabled",
"type": "boolean"
},
"server_block_enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether DHCP server blocking is enabled",
"type": "boolean"
},
"v6_client_block_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indiactes whether DHCP v6 client blocking is enabled",
"type": "boolean"
},
"v6_server_block_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indiactes whether DHCP V6 server blocking is enabled",
"type": "boolean"
}
},
"title": "DHCP filtering configuration",
"type": "object"
}
DhcpHeader (type)
{
"additionalProperties": false,
"id": "DhcpHeader",
"module_id": "Traceflow",
"properties": {
"op_code": {
"default": "BOOTREQUEST",
"description": "This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY.",
"enum": [
"BOOTREQUEST",
"BOOTREPLY"
],
"required": false,
"title": "Message op code / message type",
"type": "string"
}
},
"type": "object"
}
DhcpIpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP ip-pool to define dynamic ip allocation ranges.",
"extends": {
"$ref": "IpAllocationBase"
},
"id": "DhcpIpPool",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ranges": {
"description": "Ip-ranges to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange"
},
"required": true,
"title": "Ip-ranges",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_threshold": {
"default": 100,
"description": "Error threshold. Alert will be raised if the pool usage reaches the given threshold.",
"maximum": 100,
"minimum": 80,
"required": false,
"title": "Error threshold, valid [80-100], default 100",
"type": "integer"
},
"gateway_ip": {
"$ref": "IPAddress",
"description": "Gateway ip address of the allocation.",
"required": false,
"title": "Gateway ip"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"options": {
"$ref": "DhcpOptions",
"description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"warning_threshold": {
"default": 80,
"description": "Warning threshold. Alert will be raised if the pool usage reaches the given threshold.",
"maximum": 80,
"minimum": 50,
"required": false,
"title": "Warning threshold, valid [50-80], default 80",
"type": "integer"
}
},
"title": "DHCP ip-pool",
"type": "object"
}
DhcpIpPoolListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP ip pools.",
"extends": {
"$ref": "ListResult"
},
"id": "DhcpIpPoolListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP ip pools.",
"items": {
"$ref": "DhcpIpPool"
},
"required": true,
"title": "Paginated list of DHCP ip pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP ip pools",
"type": "object"
}
DhcpIpPoolUsage (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpIpPoolUsage",
"module_id": "AggSvcDhcp",
"properties": {
"allocated_number": {
"required": false,
"title": "allocated number. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"allocated_percentage": {
"required": false,
"title": "allocated percentage. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"consumed_number": {
"description": "The consumed number is intended to display the total number of IP addresses consumed by DHCP clients. However, it may not always reflect an accurate count due to the asynchronous running DHCP data path.",
"required": false,
"title": "Consumed Number",
"type": "integer"
},
"dhcp_ip_pool_id": {
"required": false,
"title": "uuid of dhcp ip pool",
"type": "string"
},
"pool_size": {
"required": false,
"title": "pool size",
"type": "integer"
}
},
"type": "object"
}
DhcpLeasePerIP (type)
{
"id": "DhcpLeasePerIP",
"module_id": "AggSvcDhcp",
"properties": {
"expire_time": {
"required": false,
"title": "expire time of the lease",
"type": "string"
},
"ip_address": {
"required": true,
"title": "ip address of client",
"type": "string"
},
"lease_time": {
"required": false,
"title": "lease time of the ip address, in seconds",
"type": "string"
},
"mac_address": {
"required": true,
"title": "mac address of client",
"type": "string"
},
"start_time": {
"required": true,
"title": "start time of lease",
"type": "string"
},
"subnet": {
"required": false,
"title": "subnet of client network",
"type": "string"
}
},
"type": "object"
}
DhcpLeaseRequestParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "DataSourceParameters"
},
"id": "DhcpLeaseRequestParameters",
"module_id": "AggSvcDhcp",
"properties": {
"address": {
"required": false,
"title": "can be an ip address, or an ip range, or a mac address",
"type": "string"
},
"pool_id": {
"required": false,
"title": "The uuid of dhcp ip pool",
"type": "string"
},
"source": {
"$ref": "DataSourceType",
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
DhcpLeases (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "DhcpLeases",
"module_id": "AggSvcDhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"ipv6_leases": {
"items": {
"$ref": "DhcpV6Lease"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The ipv6 lease info list of the server",
"type": "array"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpLeasesResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpLeases"
},
"id": "DhcpLeasesResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"connectivity_path": {
"description": "Policy path to Segment, Tier0 or Tier1 gateway where DHCP server is attached.",
"required": false,
"title": "Policy path to Segment, Tier0 or Tier1 gateway",
"type": "string"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"ipv6_leases": {
"items": {
"$ref": "DhcpV6Lease"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The ipv6 lease info list of the server",
"type": "array"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpOption121 (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP option 121 to define classless static route.",
"id": "DhcpOption121",
"module_id": "Dhcp",
"properties": {
"static_routes": {
"description": "Classless static route of DHCP option 121.",
"items": {
"$ref": "ClasslessStaticRoute"
},
"maxItems": 27,
"minItems": 1,
"required": true,
"title": "DHCP classless static routes",
"type": "array"
}
},
"title": "DHCP option 121",
"type": "object"
}
DhcpOptions (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Define DHCP options of the DHCP service.",
"id": "DhcpOptions",
"module_id": "Dhcp",
"properties": {
"option121": {
"$ref": "DhcpOption121",
"description": "DHCP option 121 to define classless static routes. Once Option 121 was defined, Option 249 will be auto-generated because they are equivalent.",
"required": false,
"title": "Option 121"
},
"others": {
"customValidation": {
"OPTION_117_NAME_SERVICE_SEARCH": {
"allowedValues": [
0,
6,
41,
44,
65
],
"code": 117,
"maxItems": 5,
"validator": "exact_match"
},
"OPTION_13_BOOT_FILE_SIZE": {
"code": 13,
"maxItems": 1,
"maximum": 65535,
"minimum": 1,
"validator": "range"
},
"OPTION_150_TFTP_SERVER_ADDRESSES": {
"code": 150,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_19_IP_FORWARDING_ENABLED": {
"allowedValues": [
0,
1
],
"code": 19,
"maxItems": 1,
"validator": "exact_match"
},
"OPTION_209_PXE_CONFIG_FILE": {
"code": 209,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_210_PATH_PREFIX": {
"code": 210,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_211_REBOOT_TIME": {
"code": 211,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_26_MTU": {
"code": 26,
"maxItems": 1,
"maximum": 65535,
"minimum": 68,
"validator": "range"
},
"OPTION_28_BROADCAST_ADDRESS": {
"code": 28,
"maxItems": 1,
"validator": "ip_address"
},
"OPTION_2_TIME_OFFSET": {
"code": 2,
"maxItems": 1,
"maximum": 43200,
"minimum": -43200,
"validator": "range"
},
"OPTION_35_ARP_CACHE_TIMEOUT": {
"code": 35,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_40_NIS_DOMAIN_NAME": {
"code": 40,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_41_NIS_SERVERS": {
"code": 41,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_42_NTP_SERVERS": {
"code": 42,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_44_NETBIOS_SERVERS": {
"code": 44,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_45_NETBIOS_DIST_SERVERS": {
"code": 45,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_46_NETBIOS_NODE_TYPE": {
"allowedValues": [
1,
2,
4,
8
],
"code": 46,
"maxItems": 4,
"validator": "exact_match"
},
"OPTION_47_NETBIOS_SCOPE": {
"code": 47,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_58_RENEW_TIME": {
"code": 58,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_59_REBINDING_TIME": {
"code": 59,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_65_NIS_SERVER_ADDRESSES": {
"code": 65,
"maxItems": 10,
"validator": "ip_address"
},
"OPTION_66_TFTFP_SERVER_NAME": {
"code": 66,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_67_PXE_BOOT_FILE": {
"code": 67,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_6_DNS_SERVERS": {
"code": 6,
"maxItems": 2,
"validator": "ip_address"
},
"key": "code",
"keyType": "int",
"namespace": "GenericDhcpOptionOther"
},
"description": "To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. Option code 3, 6, 12, 51 should be configured as properties. -------------------------- Code Name -------------------------- 2 Time Offset 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time",
"items": {
"$ref": "GenericDhcpOption"
},
"maxItems": 255,
"minItems": 0,
"required": false,
"title": "Generic DHCP options other than option 121",
"type": "array"
}
},
"title": "DHCP options",
"type": "object"
}
DhcpProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP profile to specify edge cluster and members on which the dhcp server will run. A DhcpProfile can be referenced by different logical DHCP servers.",
"extends": {
"$ref": "ManagedResource"
},
"id": "DhcpProfile",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"description": "Edge cluster uuid on which the referencing logical DHCP server runs.",
"required": true,
"title": "Edge cluster uuid",
"type": "string"
},
"edge_cluster_member_indexes": {
"description": "The Edge nodes on which the DHCP servers run. If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If only one edge node is provided, the DHCP servers will run without HA support.",
"items": {
"type": "integer"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "Edge node indexes",
"type": "array",
"uniqueItems": true
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable the auto-relocation of standby DHCP Service in case of edge node failure. Only tier 1 and auto placed DHCP servers are considered for the relocation.",
"required": false,
"title": "Flag to enable standby DHCP server relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP profile to specify edge cluster and members",
"type": "object"
}
DhcpProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP profiles.",
"extends": {
"$ref": "ListResult"
},
"id": "DhcpProfileListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of logical DHCP profiles.",
"items": {
"$ref": "DhcpProfile"
},
"required": true,
"title": "Paginated list of DHCP profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP profiles",
"type": "object"
}
DhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "DHCP relay configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-relay-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DhcpRelayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_addresses": {
"description": "DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 8,
"required": true,
"title": "DHCP relay addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP relay configuration",
"type": "object"
}
DhcpRelayConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DhcpRelayConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayConfig"
},
"required": true,
"title": "DhcpRelayConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpRelayConfigs",
"type": "object"
}
DhcpRelayProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "DhcpRelayProfile",
"module_id": "DhcpRelay",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_addresses": {
"items": {
"$ref": "IPAddress"
},
"required": true,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DhcpRelayProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult"
},
"id": "DhcpRelayProfileListResult",
"module_id": "DhcpRelay",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayProfile"
},
"required": true,
"title": "Dhcp relay profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpRelayService (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "DhcpRelayService",
"module_id": "DhcpRelay",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_profile_id": {
"required": true,
"title": "dhcp relay profile referenced by the dhcp relay service",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DhcpRelayServiceListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult"
},
"id": "DhcpRelayServiceListResult",
"module_id": "DhcpRelay",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayService"
},
"required": true,
"title": "Dhcp relay service list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpServerAdditionalConfig (type)
{
"additionalProperties": false,
"description": "Additional DHCP server config for VPC subnet. The additional configuration must be cleared when the subnet has DHCP relay enabled or DHCP is deactivated.",
"id": "DhcpServerAdditionalConfig",
"module_id": "PolicyVpcSubnet",
"properties": {
"options": {
"$ref": "DhcpV4Options",
"description": "IPv4 DHCP options for VPC subnet.",
"required": false,
"title": "DHCP options"
},
"reserved_ip_ranges": {
"description": "Specifies IP ranges that are reserved and excluded from being assigned by the DHCP server to clients. These reserved IPs must not overlap with system-reserved addresses, including the gateway IP, network IP, DHCP server IP, and broadcast IP, and they must belong to the defined subnet CIDR. The reserved IPs can be provided as either a single IP address or an IP address range. Only IPv4 addresses are supported. Supported formats include: [\"192.168.1.1\", \"192.168.1.3-192.168.1.100\"]",
"items": {
"type": "string"
},
"maxItems": 10,
"required": false,
"title": "Reserved ip ranges",
"type": "array"
}
},
"title": "Additional DHCP server config.",
"type": "object"
}
DhcpServerConfig (type)
{
"additionalProperties": false,
"description": "DHCP server configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-server-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DhcpServerConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "The reference to the edge cluster using the policy path of the edge cluster. Auto assigned if only one edge cluster is configured on enforcement-point. Modifying edge cluster will reallocate DHCP server to the new edge cluster. Please note that re-allocating edge-cluster will result in losing of all exisitng DHCP lease information. Change edge cluster only when losing DHCP leases is not a real problem, e.g. cross-site migration or failover and all client hosts will be reboot and get new IP addresses.",
"required": false,
"title": "Edge cluster path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"DhcpServerConfig"
],
"relationshipType": "_UNOPTIMIZED_RELATIONSHIP_",
"rightType": [
"PolicyEdgeCluster"
]
}
]
},
"enable_standby_relocation": {
"default": false,
"description": "If no \"preferred-edge-paths\" were defined, and the \"enable-standby-relocation\"=true, once a new edge-node was added to the edge-cluster, the stand-by node of the DHCP could possibly be moved to another edge-node. But there is no guarantee that the stand-by will be moved. Please note, if the dhcp-server-config was applied to a gateway, and this gateway has defined its own edge-cluster and preferred edge-nodes, then the edge-cluster and nodes defined in dhcp-server-config will be ignored.",
"required": false,
"title": "Stand-By Relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"deprecated": true,
"description": "IP address lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "IP address lease time in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Policy paths to edge nodes on which the DHCP servers run. The first edge node is assigned as active edge, and second one as stanby edge. If only one edge node is specified, the DHCP servers will run without HA support. When this property is not specified, edge nodes are auto-assigned during realization of the DHCP server.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "Edge node path",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_address": {
"deprecated": true,
"description": "DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. This property is deprecated, use server_addresses instead. Both properties cannot be specified together with different new values.",
"format": "ip-cidr-block",
"required": false,
"title": "DHCP server address in CIDR format",
"type": "string"
},
"server_addresses": {
"description": "DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. Prefix length should be less than or equal to 30 for IPv4 address family and less than or equal to 126 for IPv6. When not specified, IPv4 value is auto-assigned to 100.96.0.1/30. Ignored when this object is configured at a Segment.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "DHCP server address in CIDR format",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP server configuration",
"type": "object"
}
DhcpServerConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DhcpServerConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpServerConfig"
},
"required": true,
"title": "DhcpServerConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpServerConfigs",
"type": "object"
}
DhcpServerLeaseRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpServerRequestParameters"
},
"id": "DhcpServerLeaseRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"address": {
"description": "IP address, IP range or MAC address to retrieve specific lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "IP or MAC address",
"type": "string"
},
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_path": {
"description": "Segment path to retrieve lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "Segment path to retrieve lease information",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType",
"description": "The data source, either realtime or cached. If not provided, cached data is returned.",
"required": false,
"title": "The data source"
}
},
"title": "DHCP server lease request parameters",
"type": "object"
}
DhcpServerRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DhcpServerRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DHCP server list request parameters",
"type": "object"
}
DhcpServerState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState"
},
"id": "DhcpServerState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpServerStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpStatistics"
},
"id": "DhcpServerStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"acks": {
"required": false,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": false,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": false,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": false,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": false,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage"
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": false,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": false,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": false,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": false,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpServerStatus (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpServerStatus",
"module_id": "AggSvcDhcp",
"properties": {
"active_node": {
"required": false,
"title": "uuid of active transport node",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"service_status": {
"description": "UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_STANDBY"
],
"required": false,
"type": "string"
},
"stand_by_node": {
"required": false,
"title": "uuid of stand_by transport node. null if non-HA mode",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP static binding to define a static ip allocation.",
"extends": {
"$ref": "IpAllocationBase"
},
"id": "DhcpStaticBinding",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress",
"description": "Gateway ip address of the allocation.",
"required": false,
"title": "Gateway ip"
},
"host_name": {
"description": "The host name to be assigned to the host.",
"format": "hostname",
"required": false,
"title": "Host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress",
"description": "The ip address to be assigned to the host.",
"required": true,
"title": "Ip address"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress",
"description": "The MAC address of the host.",
"required": true,
"title": "MAC address"
},
"options": {
"$ref": "DhcpOptions",
"description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpStaticBindingConfig (type)
{
"abstract": true,
"additionalProperties": false,
"description": "DHCP IPv4 and IPv6 static bindings are extended from this abstract class.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for DHCP options",
"type": "object"
}
DhcpStaticBindingConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DhcpStaticBindingConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpStaticBindingConfig"
},
"required": true,
"title": "Paginated list of DhcpStaticBindingConfig",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBindingListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP static bindings.",
"extends": {
"$ref": "ListResult"
},
"id": "DhcpStaticBindingListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP static bindings.",
"items": {
"$ref": "DhcpStaticBinding"
},
"required": true,
"title": "Paginated list of DHCP static bindings",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP static bindings",
"type": "object"
}
DhcpStaticBindingState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState"
},
"id": "DhcpStaticBindingState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpStatistics (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpStatistics",
"module_id": "AggSvcDhcp",
"properties": {
"acks": {
"required": false,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": false,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": false,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": false,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": false,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage"
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": false,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": false,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": false,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": false,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"required": false,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpV4Options (type)
{
"additionalProperties": false,
"description": "DHCP options for IPv4 server.",
"id": "DhcpV4Options",
"module_id": "PolicyConnectivity",
"properties": {
"option121": {
"$ref": "DhcpOption121",
"description": "DHCP option 121 to define classless static routes.",
"required": false,
"title": "DHCP option 121"
},
"others": {
"description": "To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. Option code 3, 6, 12, 51 should be configured as properties. -------------------------- Code Name -------------------------- 2 Time Offset 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time",
"items": {
"$ref": "GenericDhcpOption"
},
"maxItems": 255,
"minItems": 0,
"required": false,
"title": "Other DHCP options",
"type": "array"
}
},
"title": "DHCP options for IPv4 address family",
"type": "object"
}
DhcpV4StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv4 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig"
},
"id": "DhcpV4StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV4StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_address": {
"$ref": "IPv4Address",
"description": "When not specified, gateway address is auto-assigned from segment configuration.",
"title": "Gateway IP address"
},
"host_name": {
"description": "Hostname to assign to the host.",
"maxLength": 63,
"title": "Host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPv4Address",
"description": "IP assigned to host. The IP address must belong to the subnet, if any, configured on Segment.",
"required": true,
"title": "IP assigned to host"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress",
"description": "MAC address of the host.",
"required": true,
"title": "MAC address of host"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"options": {
"$ref": "DhcpV4Options",
"description": "IPv4 DHCP options.",
"required": false,
"title": "DHCP options"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpV6InfoBase (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Base type of IPv6 ip-allocation extended by ip-pool and static-binding.",
"extends": {
"$ref": "ManagedResource"
},
"id": "DhcpV6InfoBase",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base type of IPv6 ip-allocation",
"type": "object"
}
DhcpV6IpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP IPv6 ip pool to define dynamic ip allocation ranges. The DhcpV6IpPool would only provide stateless DHCP (domain search list, DNS servers, SNTP servers) to client if both the ranges and excluded_ranges are not specified.",
"extends": {
"$ref": "DhcpV6InfoBase"
},
"id": "DhcpV6IpPool",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"excluded_ranges": {
"description": "Excluded addresses to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange"
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Excluded range of IPv6 addresses",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"ranges": {
"description": "Ip address ranges to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange"
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Ip address ranges",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP IPv6 ip pool",
"type": "object"
}
DhcpV6IpPoolListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP IPv6 ip pools.",
"extends": {
"$ref": "ListResult"
},
"id": "DhcpV6IpPoolListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP IPv6 ip pools.",
"items": {
"$ref": "DhcpV6IpPool"
},
"required": false,
"title": "Paginated list of DHCP IPv6 ip pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP IPv6 ip pools",
"type": "object"
}
DhcpV6Lease (type)
{
"id": "DhcpV6Lease",
"module_id": "AggSvcDhcp",
"properties": {
"duid": {
"required": true,
"title": "DHCP unique identifier",
"type": "string"
},
"expire_time": {
"required": false,
"title": "expire time of the lease",
"type": "string"
},
"ia_type": {
"enum": [
"IA_INVALID",
"IA_NA",
"IA_TA",
"IA_PD"
],
"required": true,
"title": "identity association type",
"type": "string"
},
"iaid": {
"required": true,
"title": "An identifier for an IA",
"type": "integer"
},
"ip_addresses": {
"items": {
"type": "string"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "ip addresses of client",
"type": "array"
},
"lease_time": {
"required": false,
"title": "lease time of the ip address, in seconds",
"type": "string"
},
"start_time": {
"required": true,
"title": "start time of lease",
"type": "string"
}
},
"type": "object"
}
DhcpV6StaticBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP IPv6 static binding to define a static ip allocation.",
"extends": {
"$ref": "DhcpV6InfoBase"
},
"id": "DhcpV6StaticBinding",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "When not specified, no ip address will be assigned to client host.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "Ip address list",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress",
"description": "The MAC address of the host. Either client-duid or mac-address, but not both.",
"required": false,
"title": "MAC address"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP IPv6 static binding",
"type": "object"
}
DhcpV6StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv6 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig"
},
"id": "DhcpV6StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV6StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "When not specified, no DNS nameserver will be set to client host.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS nameservers to be set to client host",
"type": "array"
},
"domain_names": {
"description": "When not specified, no domain name will be assigned to client host.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names to be assigned to client host",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "When not specified, no ip address will be assigned to client host.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IP addresses to be assigned to client host",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress",
"description": "The MAC address of the client host. Either client-duid or mac-address, but not both.",
"required": true,
"title": "MAC address"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server IP addresses.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpV6StaticBindingListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP IPv6 static bindings.",
"extends": {
"$ref": "ListResult"
},
"id": "DhcpV6StaticBindingListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP IPv6 static bindings.",
"items": {
"$ref": "DhcpV6StaticBinding"
},
"required": false,
"title": "Paginated list of DHCP IPv6 static bindings",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP IPv6 static bindings",
"type": "object"
}
Dhcpv4 (type)
{
"description": "This type can be specified in ip assignment spec, which is desired for DHCPv4 allocated IP.",
"extends": {
"$ref": "PolicyIpAssignmentSpec"
},
"id": "Dhcpv4",
"module_id": "PolicyEdgeTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "Dhcpv4"
},
"properties": {
"ip_assignment_type": {
"enum": [
"StaticIpv4",
"StaticIpv4Pool",
"StaticIpv4List",
"Dhcpv4",
"StaticIpv6",
"StaticIpv6Pool",
"StaticIpv6List",
"StaticIpv6MacList",
"StaticIpv4MacList",
"Dhcpv6",
"AutoConf",
"NoAssignment"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IPv4 assignment.",
"type": "object"
}
Dhcpv6 (type)
{
"description": "This type can be specified in ip assignment spec, which is desired for DHCPv6 allocated IP.",
"extends": {
"$ref": "PolicyIpAssignmentSpec"
},
"id": "Dhcpv6",
"module_id": "PolicyEdgeTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "Dhcpv6"
},
"properties": {
"ip_assignment_type": {
"enum": [
"StaticIpv4",
"StaticIpv4Pool",
"StaticIpv4List",
"Dhcpv4",
"StaticIpv6",
"StaticIpv6Pool",
"StaticIpv6List",
"StaticIpv6MacList",
"StaticIpv4MacList",
"Dhcpv6",
"AutoConf",
"NoAssignment"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IPv6 assignment.",
"type": "object"
}
Dhcpv6Header (type)
{
"additionalProperties": false,
"id": "Dhcpv6Header",
"module_id": "Traceflow",
"properties": {
"msg_type": {
"default": "SOLICIT",
"description": "This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters.",
"enum": [
"SOLICIT",
"ADVERTISE",
"REQUEST",
"REPLY"
],
"required": false,
"title": "DHCP message type",
"type": "string"
}
},
"type": "object"
}
DirectionType (type) (Deprecated)
{
"default": "BIDIRECTIONAL",
"deprecated": true,
"enum": [
"INGRESS",
"EGRESS",
"BIDIRECTIONAL"
],
"id": "DirectionType",
"module_id": "PortMirroringSwitchingProfile",
"title": "port mirroring direction",
"type": "string"
}
DirectoryAdDomain (type)
{
"extends": {
"$ref": "DirectoryDomain"
},
"id": "DirectoryAdDomain",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"type-identifier": "DirectoryAdDomain"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"base_distinguished_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain base distinguished name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "Directory domain Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "DirectoryEventLogServer"
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of directory domain",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "DirectoryLdapServer"
},
"maxItems": 50,
"required": true,
"title": "LDAP server of directory domain",
"type": "array"
},
"name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "Directory domain name",
"type": "string"
},
"netbios_name": {
"description": "NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.",
"required": true,
"title": "Directory domain NETBIOS name",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"DirectoryAdDomain"
],
"required": true,
"title": "Directory domain resource type",
"type": "string"
},
"selective_sync_settings": {
"$ref": "SelectiveSyncSettings",
"description": "SelectiveSync settings toggle the SelectiveSync feature and selected OrgUnits. If this is not specified, SelectiveSync is disabled by default.",
"required": false,
"title": "SelectiveSync settings"
},
"sync_settings": {
"$ref": "DirectoryDomainSyncSettings",
"description": "Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.",
"required": false,
"title": "Directory domain sync settings"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Active Directory Domain",
"type": "object"
}
DirectoryAdGroup (type)
{
"extends": {
"$ref": "DirectoryGroup"
},
"id": "DirectoryAdGroup",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"type-identifier": "DirectoryAdGroup"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "Directory group distinguished name",
"type": "string"
},
"domain_id": {
"description": "Domain ID this directory group belongs to.",
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain distinguished name",
"type": "string"
},
"domain_sync_node_id": {
"description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.",
"required": false,
"title": "Domain synchronization root node id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_global": {
"description": "This property indicates whether the directory group was | synced from the LDAP server using global config or | local config.",
"required": true,
"title": "This flag indicates sync using either global config or local config",
"type": "boolean"
},
"object_guid": {
"description": "GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects.",
"required": true,
"title": "Active directory group object guid",
"type": "string"
},
"resource_type": {
"description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"required": true,
"title": "Directory group resource type for this domain",
"type": "string"
},
"secure_id": {
"description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID.",
"required": true,
"title": "Active directory group secure id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryDomain (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "DirectoryDomain",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "Directory domain Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "DirectoryEventLogServer"
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of directory domain",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "DirectoryLdapServer"
},
"maxItems": 50,
"required": true,
"title": "LDAP server of directory domain",
"type": "array"
},
"name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "Directory domain name",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"DirectoryAdDomain"
],
"required": true,
"title": "Directory domain resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Directory Domain",
"type": "object"
}
DirectoryDomainListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DirectoryDomainListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryDomain"
},
"maxItems": 500,
"required": true,
"title": "List of Directory Domains",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Directory Domain",
"type": "object"
}
DirectoryDomainSize (type)
{
"additionalProperties": false,
"id": "DirectoryDomainSize",
"module_id": "DirectoryService",
"properties": {
"group_count": {
"readonly": true,
"required": false,
"title": "Number of groups",
"type": "int"
},
"group_member_count": {
"readonly": true,
"required": false,
"title": "Number of group members",
"type": "int"
},
"user_count": {
"readonly": true,
"required": false,
"title": "Number of users",
"type": "int"
}
},
"title": "Size of Directory Domain",
"type": "object"
}
DirectoryDomainSyncRequest (type)
{
"id": "DirectoryDomainSyncRequest",
"module_id": "DirectoryService",
"properties": {
"action": {
"description": "Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time.",
"enum": [
"FULL_SYNC",
"DELTA_SYNC",
"STOP_SYNC"
],
"required": true,
"title": "Sync type requested",
"type": "string"
},
"delay": {
"default": 0,
"description": "The delay can be added to execute the sync action in the future.",
"minimum": 0,
"required": false,
"title": "Request to execute the sync with some delay in seconds",
"type": "integer"
}
},
"title": "Directory domain synchronization request",
"type": "object"
}
DirectoryDomainSyncSettings (type)
{
"additionalProperties": false,
"id": "DirectoryDomainSyncSettings",
"module_id": "DirectoryService",
"properties": {
"delta_sync_interval": {
"default": 180,
"description": "Directory domain delta synchronization interval time between two delta sync in minutes.",
"maximum": 720,
"minimum": 5,
"required": false,
"title": "Delta synchronization inverval in minutes",
"type": "integer"
},
"full_sync_cron_expr": {
"description": "Directory domain full synchronization schedule using cron expression. For example, cron expression \"0 0 12 ? * SUN *\" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync.",
"required": false,
"title": "Full synchronization cron expression",
"type": "string"
},
"sync_delay_in_sec": {
"default": 30,
"description": "Sync delay after Directory domain has been successfully created. if delay is -1, initial full sync will not be triggered.",
"maximum": 600,
"minimum": -1,
"required": false,
"title": "Sync delay (in second).",
"type": "int"
}
},
"title": "Domain synchronization settings",
"type": "object"
}
DirectoryDomainSyncStats (type)
{
"id": "DirectoryDomainSyncStats",
"module_id": "DirectoryService",
"properties": {
"avg_delta_sync_time": {
"description": "All the historical delta sync are counted in calculating the average delta sync time in milliseconds.",
"readonly": true,
"required": false,
"title": "Average time spent for all historical delta sync",
"type": "integer"
},
"avg_full_sync_time": {
"description": "All the historical full sync are counted in calculating the average full sync time in milliseconds.",
"readonly": true,
"required": false,
"title": "Average time spent for all historical full sync",
"type": "integer"
},
"current_state": {
"description": "Current running state of the directory domain in synchronization life cycle. It could be one of the following five states. SELECTIVE_FULL_SYNC and SELECTIVE_DELTA_SYNC are sync states for selective sync.",
"enum": [
"IDLE",
"FULL_SYNC",
"DELTA_SYNC",
"SELECTIVE_FULL_SYNC",
"SELECTIVE_DELTA_SYNC"
],
"readonly": true,
"required": true,
"title": "Current state of directory domain sync context",
"type": "string"
},
"current_state_begin_time": {
"$ref": "EpochMsTimestamp",
"description": "Since what time the current state has begun. The time is expressed in millisecond epoch time.",
"readonly": true,
"required": true,
"title": "Current state elapsed time"
},
"num_delta_sync": {
"description": "number of successful historical delta sync initiated either by system or by API request.",
"readonly": true,
"required": false,
"title": "Total number of successful delta sync",
"type": "integer"
},
"num_full_sync": {
"description": "number of successful historical full sync initiated either by system or by API request.",
"readonly": true,
"required": false,
"title": "Total number of successful full sync",
"type": "integer"
},
"prev_sync_end_time": {
"$ref": "EpochMsTimestamp",
"description": "Directory domain previous sync ending time expressed in millisecond epoch time.",
"readonly": true,
"required": true,
"title": "Previous sync ended time"
},
"prev_sync_error": {
"description": "Directory domain previous sync status error if last status was failure.",
"readonly": true,
"required": false,
"title": "Previous sync error",
"type": "string"
},
"prev_sync_status": {
"description": "Directory domain previous sync status. It could be one of the following two states.",
"enum": [
"SUCCESS",
"FAILURE",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Previous sync status",
"type": "string"
},
"prev_sync_type": {
"description": "Directory domain previous sync type. It could be one of the following five states. Right after the directory domain is configured, this field is set to IDLE.",
"enum": [
"IDLE",
"FULL_SYNC",
"DELTA_SYNC",
"SELECTIVE_FULL_SYNC",
"SELECTIVE_DELTA_SYNC"
],
"readonly": true,
"required": true,
"title": "Previous sync type",
"type": "string"
}
},
"title": "Directory domain synchronization statistics",
"type": "object"
}
DirectoryDomanDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters"
},
"id": "DirectoryDomanDeleteRequestParameters",
"module_id": "DirectoryService",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Directory domain delete request parameters",
"type": "object"
}
DirectoryEventLogServer (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "DirectoryEventLogServer",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": false,
"title": "Directory domain name",
"type": "string"
},
"host": {
"description": "Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching.",
"format": "hostname-or-ip",
"required": true,
"title": "Event log server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Directory event log server connection password.",
"required": false,
"sensitive": true,
"title": "Event log server password",
"type": "secure_string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "DirectoryEventLogServerStatus",
"description": "Event log server connection status object",
"required": false,
"title": "Event log server connection status"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"username": {
"description": "Directory event log server connection user name.",
"required": false,
"title": "Event log server username",
"type": "string"
}
},
"title": "Event log server of directory domain",
"type": "object"
}
DirectoryEventLogServerStatus (type)
{
"id": "DirectoryEventLogServerStatus",
"module_id": "DirectoryService",
"properties": {
"error_message": {
"readonly": true,
"required": false,
"title": "Additional optional detail error message",
"type": "string"
},
"last_event_record_id": {
"description": "Last event record ID is an opaque integer value that shows the last successfully received event from event log server.",
"readonly": true,
"required": false,
"title": "Last event record ID",
"type": "integer"
},
"last_event_time_created": {
"$ref": "EpochMsTimestamp",
"description": "Time of last successfully received and record event from event log server.",
"readonly": true,
"required": false,
"title": "Time when last event record ID was received"
},
"last_polling_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Last polling time"
},
"status": {
"description": "Connection status: OK: All OK ERROR: Generic error",
"enum": [
"OK",
"ERROR"
],
"readonly": true,
"required": true,
"title": "Current connection status of event log server",
"type": "string"
}
},
"title": "Event log server connection status",
"type": "object"
}
DirectoryGroup (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "DirectoryGroup",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "Directory group distinguished name",
"type": "string"
},
"domain_id": {
"description": "Domain ID this directory group belongs to.",
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain distinguished name",
"type": "string"
},
"domain_sync_node_id": {
"description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.",
"required": false,
"title": "Domain synchronization root node id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_global": {
"description": "This property indicates whether the directory group was | synced from the LDAP server using global config or | local config.",
"required": true,
"title": "This flag indicates sync using either global config or local config",
"type": "boolean"
},
"resource_type": {
"description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"required": true,
"title": "Directory group resource type for this domain",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryGroupListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DirectoryGroupListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryGroup"
},
"required": true,
"title": "Directory group list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DirectoryGroupMember (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "DirectoryGroupMember",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"group_distinguished_name": {
"description": "Directory group distinguished name this group member belongs to.",
"required": true,
"title": "Group distinguished name",
"type": "string"
},
"group_id": {
"description": "Directory group id this group member belongs to",
"required": true,
"title": "Group identifier",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_group_distinguished_name": {
"description": "Directory group name this group member owns",
"required": true,
"title": "Member group distinguished name",
"type": "string"
},
"member_group_id": {
"description": "Directory group id this group member owns",
"required": true,
"title": "Member group identifier",
"type": "string"
},
"nested": {
"description": "Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id.",
"required": true,
"title": "Nesting flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryGroupMemberListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DirectoryGroupMemberListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryGroupMember"
},
"required": true,
"title": "Directory group member list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DirectoryLdapServer (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "DirectoryLdapServer",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_path": {
"description": "IdentityFirewallStore LDAP server certificate used in secure LDAPS connection.",
"required": false,
"title": "LDAP server certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": false,
"title": "Directory domain name",
"type": "string"
},
"host": {
"description": "Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.",
"format": "hostname-or-ip",
"required": true,
"title": "LDAP server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Directory LDAP server connection password.",
"required": false,
"sensitive": true,
"title": "LDAP server password",
"type": "secure_string"
},
"port": {
"default": 389,
"description": "Directory LDAP server connection TCP/UDP port.",
"max": 65535,
"min": 1,
"required": false,
"title": "LDAP server TCP/UDP port",
"type": "integer"
},
"protocol": {
"default": "LDAP",
"description": "Directory LDAP server connection protocol which is either LDAP or LDAPS.",
"enum": [
"LDAP",
"LDAPS"
],
"required": false,
"title": "LDAP server protocol",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Directory LDAP server certificate thumbprint used in secure LDAPS connection.",
"required": false,
"title": "LDAP server certificate thumbprint using SHA-256 algorithm",
"type": "string"
},
"use_certificate": {
"description": "This flag helps in deciding whether to use thumbprint or certificate.",
"required": false,
"title": "Flag for certificate usage",
"type": "boolean"
},
"username": {
"description": "Directory LDAP server connection user name.",
"required": false,
"title": "LDAP server username",
"type": "string"
}
},
"title": "LDAP server of directory domain",
"type": "object"
}
DirectoryLdapServerListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DirectoryLdapServerListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryLdapServer"
},
"maxItems": 50,
"required": true,
"title": "List of directory domain LDAP servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of directory domain LDAP servers",
"type": "object"
}
DirectoryLdapServerStatus (type)
{
"id": "DirectoryLdapServerStatus",
"module_id": "DirectoryService",
"properties": {
"error_id": {
"description": "Error ID of the directory LDAP server status maintained by the NSX directory service.",
"required": false,
"title": "Error ID of the directory LDAP server status",
"type": "integer"
},
"error_message": {
"description": "Error message of the directory LDAP server status maintained by the NSX directory service.",
"required": false,
"title": "Error message of the directory LDAP server status",
"type": "string"
}
},
"title": "Status LDAP server of directory domain",
"type": "object"
}
DirectoryLdapServerTestParameters (type)
{
"id": "DirectoryLdapServerTestParameters",
"module_id": "DirectoryService",
"properties": {
"action": {
"description": "Type of LDAP server test to perform.",
"enum": [
"CONNECTIVITY"
],
"required": true,
"title": "LDAP server test requested",
"type": "string"
}
},
"title": "Parameters for performing LDAP server test",
"type": "object"
}
DirectoryOrgUnit (type)
{
"id": "DirectoryOrgUnit",
"module_id": "DirectoryService",
"properties": {
"children": {
"description": "List of children Organization Units if any.",
"items": {
"$ref": "DirectoryOrgUnit"
},
"maxItems": 500,
"required": true,
"title": "List of children Organization Units",
"type": "array"
},
"distinguished_name": {
"description": "Distinguished name of the organization unit.",
"required": true,
"title": "Distinguished name",
"type": "string"
},
"name": {
"description": "Organization Unit name.",
"required": true,
"title": "Organization Unit name",
"type": "string"
}
},
"title": "Organization Unit",
"type": "object"
}
DirectoryOrgUnitListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DirectoryOrgUnitListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryOrgUnit"
},
"maxItems": 100000,
"required": true,
"title": "List of Organization Units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of organization units",
"type": "object"
}
DirectorySearchFilterValue (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DirectorySearchFilterValue",
"module_id": "DirectoryService",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_value": {
"description": "Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.",
"required": true,
"title": "Name search filter value",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Searching domain entities using a matching filter value",
"type": "object"
}
DisconnectBridgeWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Disconnect bridge workflow spec.",
"extends": {
"$ref": "WorkflowSpec"
},
"id": "DisconnectBridgeWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DisconnectBridgeWorkflowSpec"
},
"properties": {
"bridge_profile_path": {
"description": "Bridge profile path used to find the bridge config in the segment to be removed.",
"readonly": false,
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"segment_path": {
"description": "Path of the segment from which the bridge config specified by the property \"bridge_profile_path\" will be removed.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType",
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
}
},
"title": "Disconnect bridge workflow spec",
"type": "object"
}
DiscoveredNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource"
},
"id": "DiscoveredNode",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"certificate": {
"required": false,
"title": "Certificate of the discovered node",
"type": "string"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the discovered node in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the discovered node, ex. a mo-ref from VC",
"type": "string"
},
"hardware_id": {
"description": "Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx.",
"readonly": true,
"required": false,
"title": "Hardware Id of the discovered node",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPAddress"
},
"readonly": true,
"required": true,
"title": "IP Addresses of the the discovered node.",
"type": "array"
},
"node_type": {
"readonly": true,
"required": true,
"title": "Discovered Node type like Host",
"type": "string"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this node was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair"
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of discovered\nnode in the Compute Manager\n",
"type": "array"
},
"os_type": {
"readonly": true,
"required": false,
"title": "OS type of the discovered node",
"type": "string"
},
"os_version": {
"readonly": true,
"required": false,
"title": "OS version of the discovered node",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the discovered node. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when discovered node prepared by that nsx. OTHER applies to when discovered node prepared by other nsx. MULTIPLE applies to when discovered node tried to prepare by multiple nsx at a time. NONE applies to when discovered node is not prepared by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the discovered node",
"type": "string"
},
"parent_compute_collection": {
"readonly": true,
"required": false,
"title": "External id of the compute collection to which this node belongs",
"type": "string"
},
"pnic_details": {
"description": "PNIC details for the host.",
"items": {
"$ref": "PnicDetail"
},
"readonly": false,
"required": false,
"title": "PNIC details",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"stateless": {
"description": "The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true.",
"readonly": true,
"required": false,
"title": "Specifies whether host is stateless",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DiscoveredNodeInterfaceProperties (type)
{
"additionalProperties": false,
"description": "Network interface properties of discovered node",
"id": "DiscoveredNodeInterfaceProperties",
"module_id": "InventoryCmObj",
"properties": {
"connected_switch": {
"description": "Switch name which is connected to nic, switch can be opaque, proxyHostSwitch or virtual",
"title": "Connected switch",
"type": "string"
},
"connected_switch_type": {
"description": "Type of virtual switch can be VSS, DVS or N-VDS.",
"enum": [
"VSS",
"DVS",
"N-VDS"
],
"required": false,
"title": "Type of virtual switch",
"type": "string"
},
"interface_id": {
"description": "Id of the network interface",
"title": "Interface ID",
"type": "string"
},
"physical_address": {
"$ref": "MACAddress",
"description": "Mac address of the interface",
"title": "Interface MAC address"
}
},
"title": "Discovered node network interface properties",
"type": "object"
}
DiscoveredNodeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DiscoveredNodeListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cm_local_id": {
"required": false,
"title": "Local Id of the discovered node in the Compute Manager",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"required": false,
"title": "Display name of discovered node",
"type": "string"
},
"external_id": {
"required": false,
"title": "External id of the discovered node, ex. a mo-ref from VC",
"type": "string"
},
"has_parent": {
"enum": [
"true",
"false"
],
"required": false,
"title": "Discovered node has a parent compute collection or is a standalone host",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_address": {
"required": false,
"title": "IP address of the discovered node",
"type": "string"
},
"node_id": {
"required": false,
"title": "Id of the fabric node created from the discovered node",
"type": "string"
},
"node_type": {
"required": false,
"title": "Discovered Node type like HostNode",
"type": "string"
},
"origin_id": {
"required": false,
"title": "Id of the compute manager from where this node was discovered",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"parent_compute_collection": {
"required": false,
"title": "External id of the compute collection to which this node belongs",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Discovered Node list parameters",
"type": "object"
}
DiscoveredNodeListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DiscoveredNodeListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DiscoveredNode"
},
"required": true,
"title": "Discovered Node list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Discovered Node list result",
"type": "object"
}
DiscoveredNodeNetworkInterfaces (type)
{
"description": "All the network interfaces of the discovered node",
"id": "DiscoveredNodeNetworkInterfaces",
"module_id": "InventoryCmObj",
"properties": {
"discovered_node_id": {
"description": "Id of the discovered node",
"required": true,
"title": "Discovered node Id",
"type": "string"
},
"network_interfaces": {
"description": "Network interfaces of the node",
"items": {
"$ref": "DiscoveredNodeInterfaceProperties"
},
"required": false,
"title": "Discovered Node interfaces",
"type": "array"
}
},
"title": "Discovered node network interfaces",
"type": "object"
}
DiscoveredResource (type)
{
"abstract": true,
"extends": {
"$ref": "Resource"
},
"id": "DiscoveredResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"mode": "force",
"property-name": "resource_type"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for resources that are discovered and automatically updated",
"type": "object"
}
DiscoveredResourceAssociation (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "DiscoveredResourceAssociation",
"module_id": "InventoryAssociations",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being configured.",
"enum": [
"VirtualMachine",
"ComputeCollection",
"ContainerProject"
],
"required": true,
"title": "Type of the discovered resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External id of the discovered resource for which association is being configured.",
"required": true,
"title": "External id of the discovered resource",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Association for discovered resource",
"type": "object"
}
DiscoveredResourceAssociationListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DiscoveredResourceAssociationListRequestParameters",
"module_id": "InventoryAssociations",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_resource_external_id": {
"description": "External id of the discovered resource for which association is being queried.",
"required": false,
"title": "External id of the discovered resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being queried.",
"enum": [
"VirtualMachine",
"ComputeCollection",
"ContainerProject"
],
"required": false,
"title": "Type of the discovered resource",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters for discovered resource associations",
"type": "object"
}
DiscoveredResourceScope (type)
{
"id": "DiscoveredResourceScope",
"module_id": "Common",
"properties": {
"scope_id": {
"description": "Specifies the scope id of discovered resource.",
"required": false,
"title": "Scope Id of scope for discovered resource",
"type": "string"
},
"scope_type": {
"description": "Type of the scope for the discovered resource.",
"enum": [
"CONTAINER_CLUSTER",
"VPC"
],
"required": false,
"title": "Type of scope",
"type": "string"
}
},
"title": "Scope of discovered resource",
"type": "object"
}
DiscoveredVifListParameters (type)
{
"description": "The parameters to fetch the discovered VIF state.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "DiscoveredVifListParameters",
"module_id": "PolicyHostTransportNode",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"host_switch_id": {
"description": "Host switch id.",
"required": false,
"title": "VDS identifier",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_id": {
"description": "Segment id.",
"required": false,
"title": "Segment identifier",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment list parameters",
"type": "object"
}
DiscoveredVifState (type)
{
"description": "State of VIFs connected to discovered segment on the TransportNode.",
"id": "DiscoveredVifState",
"module_id": "PolicyHostTransportNode",
"properties": {
"error_msg": {
"description": "Error encountered during segment port creation for the discovered VIF.",
"required": false,
"title": "Error message",
"type": "string"
},
"id": {
"description": "Id of discovered VIF.",
"required": true,
"title": "VIF Id",
"type": "string"
},
"segment_path": {
"description": "Segment path related with discovered VIF.",
"required": true,
"title": "Path of the discovered segment",
"type": "string"
},
"segment_port_path": {
"description": "SegmentPort path related with discovered VIF.",
"required": true,
"title": "Path of the segment port",
"type": "string"
},
"state": {
"description": "The state of specific discovered VIF.",
"enum": [
"PENDING",
"ATTACHMENT_IN_PROGRESS",
"ATTACHMENT_SUCCESS",
"ATTACHMENT_FAILED"
],
"title": "Discovered VIF State",
"type": "string"
}
},
"title": "Discovered Vif State",
"type": "object"
}
DiscoveredVifStateListResult (type)
{
"additionalProperties": false,
"description": "Array of result of discovered VIF state result.",
"extends": {
"$ref": "ListResult"
},
"id": "DiscoveredVifStateListResult",
"module_id": "PolicyHostTransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DiscoveredVifState"
},
"readonly": true,
"title": "Discovered Segment Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment queries result",
"type": "object"
}
DiscoveryProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base Discovery Profile Binding Map",
"type": "object"
}
DiskProvisioning (type)
{
"additionalProperties": false,
"description": "Disk provisioning type for deploying VM.",
"enum": [
"THIN",
"LAZY_ZEROED_THICK",
"EAGER_ZEROED_THICK"
],
"id": "DiskProvisioning",
"module_id": "HostPrepServiceFabric",
"required": true,
"title": "Disk provisioning type",
"type": "string"
}
DistributedDhcpServerPackets (type)
{
"id": "DistributedDhcpServerPackets",
"module_id": "AggSvcL2Types",
"properties": {
"acks": {
"description": "The total number of DHCP ACK packets.",
"required": true,
"title": "Total DHCP Acks",
"type": "integer"
},
"declines": {
"description": "The total number of DHCP DECLINE packets.",
"required": true,
"title": "Total DHCP Declines",
"type": "integer"
},
"discovers": {
"description": "The total number of DHCP DISCOVER packets.",
"required": true,
"title": "Total DHCP Discovers",
"type": "integer"
},
"errors": {
"description": "The total number of DHCP errors.",
"required": true,
"title": "Total DHCP Errors",
"type": "integer"
},
"informs": {
"description": "The total number of DHCP INFORM packets.",
"required": true,
"title": "Total DHCP Informs",
"type": "integer"
},
"nacks": {
"description": "The total number of DHCP NACK packets.",
"required": true,
"title": "Total DHCP Nacks",
"type": "integer"
},
"offers": {
"description": "The total number of DHCP OFFER packets.",
"required": true,
"title": "Total DHCP Offers",
"type": "integer"
},
"releases": {
"description": "The total number of DHCP RELEASE packets.",
"required": true,
"title": "Total DHCP Releases",
"type": "integer"
},
"requests": {
"description": "The total number of DHCP REQUEST packets.",
"required": true,
"title": "Total DHCP Requests",
"type": "integer"
}
},
"type": "object"
}
DistributedFirewall (type)
{
"id": "DistributedFirewall",
"module_id": "ObservabilityCounters",
"properties": {
"alg_handler_drops": {
"description": "alg handler error.",
"required": false,
"type": "integer"
},
"bad_offset_drops": {
"description": "bad-offset.",
"required": false,
"type": "integer"
},
"bad_timestamp_drops": {
"description": "bad-timestamp.",
"required": false,
"type": "integer"
},
"congestion_drops": {
"description": "congestion.",
"required": false,
"type": "integer"
},
"fragment_drops": {
"description": "fragment.",
"required": false,
"type": "integer"
},
"handshake_error_drops": {
"description": "3wh error.",
"required": false,
"type": "integer"
},
"icmp_err_pkt_drops": {
"description": "icmp errpkt drop.",
"required": false,
"type": "integer"
},
"icmp_error_drops": {
"description": "icmp error.",
"required": false,
"type": "integer"
},
"icmp_flood_overlimit_drops": {
"description": "ICMP flood overlimit.",
"required": false,
"type": "integer"
},
"ignored_offloaded_fpdrops": {
"description": "Ignored offloaded FP.",
"required": false,
"type": "integer"
},
"ignored_offloaded_spdrops": {
"description": "Ignored offloaded SP.",
"required": false,
"type": "integer"
},
"ip_option_drops": {
"description": "ip-option.",
"required": false,
"type": "integer"
},
"l7_alert_drops": {
"description": "L7 alert.",
"required": false,
"type": "integer"
},
"l7_attr_error_drops": {
"description": "L7 attr error.",
"required": false,
"type": "integer"
},
"l7_pending_misc": {
"description": "L7 pending.",
"required": false,
"type": "integer"
},
"lb_reject_drops": {
"description": "LB Reject.",
"required": false,
"type": "integer"
},
"match_drop_rule_rx_drops": {
"description": "Rx pkts dropped by hitting drop/reject rule.",
"required": false,
"type": "integer"
},
"match_drop_rule_tx_drops": {
"description": "Tx pkts dropped by hitting drop/reject rule.",
"required": false,
"type": "integer"
},
"memory_drops": {
"description": "memory.",
"required": false,
"type": "integer"
},
"normalize_drops": {
"description": "normalize.",
"required": false,
"type": "integer"
},
"other_flood_overlimit_drops": {
"description": "OTHER flood overlimit.",
"required": false,
"type": "integer"
},
"pkts_frag_queued_v4_misc": {
"description": "pkts-frag-queued-v4.",
"required": false,
"type": "integer"
},
"pkts_frag_queued_v6_misc": {
"description": "pkts-frag-queued-v6.",
"required": false,
"type": "integer"
},
"proto_cksum_drops": {
"description": "proto-cksum.",
"required": false,
"type": "integer"
},
"rx_ipv4_drop_pkts": {
"description": "Received IPv4 drop packets.",
"required": false,
"type": "integer"
},
"rx_ipv4_reject_pkts": {
"description": "Received IPv4 reject packets.",
"required": false,
"type": "integer"
},
"rx_ipv6_drop_pkts": {
"description": "Received IPv6 drop packets.",
"required": false,
"type": "integer"
},
"rx_ipv6_reject_pkts": {
"description": "Received IPv6 reject packets.",
"required": false,
"type": "integer"
},
"rx_l2_drop_pkts": {
"description": "Received layer 2 drop packets.",
"required": false,
"type": "integer"
},
"seqno_bad_ack_drops": {
"description": "seqno bad ack.",
"required": false,
"type": "integer"
},
"seqno_gt_max_ack_drops": {
"description": "seqno gt maxack.",
"required": false,
"type": "integer"
},
"seqno_lt_minack_drops": {
"description": "seqno lt minack.",
"required": false,
"type": "integer"
},
"seqno_old_ack_drops": {
"description": "seqno old ack.",
"required": false,
"type": "integer"
},
"seqno_old_retrans_drops": {
"description": "seqno old retrans.",
"required": false,
"type": "integer"
},
"seqno_outside_window_drops": {
"description": "seqno outside window.",
"required": false,
"type": "integer"
},
"short_drops": {
"description": "short.",
"required": false,
"type": "integer"
},
"spoof_guard_drops": {
"description": "spoofguard.",
"required": false,
"type": "integer"
},
"src_limit_misc": {
"description": "src-limit.",
"required": false,
"type": "integer"
},
"state_insert_drops": {
"description": "state-insert.",
"required": false,
"type": "integer"
},
"state_limit_drops": {
"description": "state-limit.",
"required": false,
"type": "integer"
},
"state_mismatch_drops": {
"description": "state-mismatch.",
"required": false,
"type": "integer"
},
"strict_no_syn_drops": {
"description": "strict no syn.",
"required": false,
"type": "integer"
},
"syn_expected_drops": {
"description": "SYN Expected.",
"required": false,
"type": "integer"
},
"syn_proxy_drops": {
"description": "synproxy.",
"required": false,
"type": "integer"
},
"tcp_flood_overlimit_drops": {
"description": "TCP flood overlimit.",
"required": false,
"type": "integer"
},
"tx_ipv4_drop_pkts": {
"description": "Sent IPv4 drop packets.",
"required": false,
"type": "integer"
},
"tx_ipv4_reject_pkts": {
"description": "Sent IPv4 reject packets.",
"required": false,
"type": "integer"
},
"tx_ipv6_drop_pkts": {
"description": "Sent IPv6 drop packets.",
"required": false,
"type": "integer"
},
"tx_ipv6_reject_pkts": {
"description": "Sent IPv6 reject packets.",
"required": false,
"type": "integer"
},
"tx_l2_drop_pkts": {
"description": "Sent layer 2 drop packets.",
"required": false,
"type": "integer"
},
"udp_flood_overlimit_drops": {
"description": "UDP flood overlimit.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DistributedFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile"
},
"id": "DistributedFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rst_spoofing": {
"default": false,
"description": "If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate rst spoofing is enabled",
"type": "boolean"
},
"enable_syncache": {
"default": false,
"description": "If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate syncache is enabled",
"type": "boolean"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
DistributedVirtualPortgroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualPortgroup"
},
"id": "DistributedVirtualPortgroup",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualPortgroup"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"backing_type": {
"description": "For distributed virtual portgroup, backing type is standard. For logical switch portgroup, the backing type is set to nsx.",
"readonly": false,
"title": "Backing type for portgroup",
"type": "string"
},
"cm_local_id": {
"description": "Id of the portgroup, eg. a mo-ref from VC.",
"readonly": true,
"required": false,
"title": "Id of the portgroup in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual portgroup",
"type": "string"
},
"key": {
"readonly": false,
"title": "Generated UUID of the portgroup",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Portgroup type like DistributedVirtualPortgroup",
"type": "string"
},
"overall_status": {
"description": "This parameters reflects the managed entity status of the portgroup as reported by VC.",
"enum": [
"RED",
"YELLOW",
"GREEN",
"GRAY"
],
"readonly": true,
"required": false,
"title": "General status of the virtual portgroup",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Distributed virtual portgroup on a VC",
"type": "object"
}
DistributedVirtualSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualSwitch"
},
"id": "DistributedVirtualSwitch",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualSwitch"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": false,
"title": "ID of the virtual switch in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_nodes": {
"description": "Array of discovered nodes connected to this switch.",
"items": {
"$ref": "DiscoveredNode"
},
"readonly": true,
"required": false,
"title": "Array of discovered nodes connected",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu_failover_policy": {
"$ref": "DpuFailoverPolicy",
"description": "This specifies the failover policy for a distributed virtual switch from vCenter DVS, specifically related to the Data Processing Unit(DPU).",
"readonly": true,
"required": false,
"title": "Dpu Failover policy for a DVS"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual switch",
"type": "string"
},
"lacp_group_configs": {
"description": "It contains information about VMware specific multiple dynamic LACP groups.",
"items": {
"$ref": "LacpGroupConfigInfo"
},
"readonly": false,
"required": false,
"title": "Array of Link Aggregation Control Protocol (LACP) configuration",
"type": "array"
},
"network_offload_spec_id": {
"description": "Specify the Id of network offload spec.",
"readonly": true,
"required": false,
"title": "Id of network offload spec",
"type": "string"
},
"origin_id": {
"description": "ID of the compute manager where this virtual switch is discovered.",
"readonly": true,
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair"
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional properties of switch",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Switch type like VmwareDistributedVirtualSwitch",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the virtual switch. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when virtual switch owned by that nsx. OTHER applies to whenf virtual switch owned by other nsx. MULTIPLE applies to when virtual switch tried to own by multiple nsx at a time. NONE applies to when virtual switch is not owned by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the virtual switch",
"type": "string"
},
"real_time_config": {
"$ref": "RealTimeConfig",
"description": "Real time config for VDS which consists of vswitchRT flag and annotations for uplinks.",
"readonly": true,
"required": false,
"title": "Real Time Config for a VDS"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope"
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_port_names": {
"description": "The uniform name of uplink ports on each host.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Uplink port names",
"type": "array"
},
"uplink_portgroup": {
"$ref": "DistributedVirtualPortgroup",
"readonly": true,
"required": false,
"title": "Uplink portgroup of distributed virtual switch"
},
"uuid": {
"readonly": true,
"required": false,
"title": "UUID of the switch",
"type": "string"
}
},
"title": "DistributedVirtualSwitch on a VC",
"type": "object"
}
DistributedVirtualSwitchListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DistributedVirtualSwitchListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DistributedVirtualSwitch"
},
"required": true,
"title": "Distributed Virtual switch list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Distributed Virtual switch list result",
"type": "object"
}
DistributedVlanConnection (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DistributedVlanConnection",
"module_id": "PolicyGatewayConnection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_addresses": {
"description": "Gateway IP address in network address and prefix length format",
"items": {
"$ref": "IPv4CIDRBlock"
},
"required": true,
"title": "Gateway address",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vlan_id": {
"$ref": "VlanID",
"description": "Vlan id for external gateway traffic",
"required": true,
"title": "Vlan id"
}
},
"search_dsl_name": [
"distributed external connection"
],
"title": "Policy distributed vlan connection",
"type": "object"
}
DistributedVlanConnectionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DistributedVlanConnectionListRequestParameters",
"module_id": "PolicyGatewayConnection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy distributed vlan connection request parameters",
"type": "object"
}
DistributedVlanConnectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DistributedVlanConnectionListResult",
"module_id": "PolicyGatewayConnection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DistributedVlanConnection"
},
"required": true,
"title": "Distributed vlan connection list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of distributed vlan connection",
"type": "object"
}
DnsAnswer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The response for DNS nslookup.",
"id": "DnsAnswer",
"module_id": "DnsForwarder",
"properties": {
"answers": {
"description": "The answers of the query.",
"items": {
"$ref": "DnsQueryAnswer"
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "The answers of the query.",
"type": "array"
},
"authoritative_answers": {
"deprecated": true,
"description": "Authotitative answers of the query. This is a deprecated property, please use 'answers' instead.",
"items": {
"$ref": "DnsQueryAnswer"
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Authoritative answers",
"type": "array"
},
"dns_server": {
"description": "Dns server ip address and port, format is \"ip address#port\".",
"required": true,
"title": "DNS server information",
"type": "string"
},
"edge_node_id": {
"description": "ID of the edge node that performed the query.",
"required": true,
"title": "Edge node id",
"type": "string"
},
"non_authoritative_answers": {
"deprecated": true,
"description": "Non-authotitative answers of the query. This is a deprecated property, please use 'answers' instead.",
"items": {
"$ref": "DnsQueryAnswer"
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Non authoritative answers",
"type": "array"
},
"raw_answer": {
"description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.",
"required": false,
"title": "Raw message returned from the DNS forwarder",
"type": "string"
},
"source_ip": {
"$ref": "IPv4Address",
"description": "The source ip used in this lookup.",
"required": true,
"title": "The source ip used in this lookup"
}
},
"title": "Answer of dns nslookup",
"type": "object"
}
DnsClientConfig (type)
{
"description": "Dns config",
"id": "DnsClientConfig",
"module_id": "PolicyVpc",
"properties": {
"dns_server_ips": {
"description": "IPs of the DNS servers which need to be configured on the workload VMs",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"type": "array"
}
},
"title": "Dns configuration",
"type": "object"
}
DnsFailedQueries (type)
{
"additionalProperties": false,
"description": "The array of the failed DNS queries with entry count and timestamp on active and standby transport node.",
"id": "DnsFailedQueries",
"module_id": "DnsForwarder",
"properties": {
"per_node_failed_queries": {
"description": "The array of failed DNS queries on active and standby transport node. If there is no standby node, the failed queries on standby node will not be present.",
"items": {
"$ref": "PerNodeDnsFailedQueries"
},
"readonly": true,
"required": false,
"title": "The array of failed DNS queries on active and standby transport node",
"type": "array"
},
"timestamp": {
"description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.",
"readonly": true,
"required": true,
"title": "Timestamp of the request",
"type": "string"
}
},
"title": "The array of failed DNS queries for active and standby transport node",
"type": "object"
}
DnsFailedQuery (type)
{
"description": "The summary of the failed DNS query. The query result represents a full query chain from client VM to dns forwarder, and upstream server if no forwarder cache was hit.",
"id": "DnsFailedQuery",
"module_id": "DnsForwarder",
"properties": {
"address": {
"description": "The address be queried, can be a FQDN or an ip address.",
"required": false,
"title": "The adddress be queried",
"type": "string"
},
"client_ip": {
"description": "The client host ip address from which the query was issued.",
"required": false,
"title": "The client host ip address from which the query was issued",
"type": "string"
},
"error_message": {
"description": "The detailed error message of the failed query, if any.",
"required": false,
"title": "The error message of the failed query",
"type": "string"
},
"error_type": {
"description": "The type of the query failure, e.g. NXDOMAIN, etc.",
"required": false,
"title": "The type of the failure",
"type": "string"
},
"forwarder_ip": {
"description": "The DNS forwarder ip address to which the query was first received.",
"required": false,
"title": "The DNS forwarder ip address to which the query was first received",
"type": "string"
},
"record_type": {
"description": "The record type be queried, e.g. A, CNAME, SOA, etc.",
"required": false,
"title": "The record type be queried",
"type": "string"
},
"source_ip": {
"description": "The source ip address that is used to forward a query to an upstream server.",
"required": false,
"title": "The source ip address for forwarding query",
"type": "string"
},
"time_spent": {
"description": "The time the query took before it got a failed answer, in ms.",
"required": false,
"title": "Time spent in the query, if applicable",
"type": "integer"
},
"timestamp": {
"description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.",
"required": true,
"title": "Timestamp of the request",
"type": "string"
},
"upstream_server_ip": {
"description": "The upstream server ip address to which the query was forwarded. If the query could not be serviced from the DNS forwarder cache, this property will contain the IP address of the DNS server that serviced the request. If the request was serviced from the cache, this property will be absent.",
"required": false,
"title": "The ip address to which the query was forwarded",
"type": "string"
}
},
"title": "The failed DNS query",
"type": "object"
}
DnsFailedQueryRequestParameters (type) (Deprecated)
{
"deprecated": true,
"description": "To specify how many failed DNS queries will be returned.",
"id": "DnsFailedQueryRequestParameters",
"module_id": "DnsForwarder",
"properties": {
"count": {
"default": 100,
"description": "How many failed DNS queries should be returned.",
"maximum": 1000,
"minimum": 1,
"required": false,
"title": "The count of the failed DNS queries",
"type": "integer"
}
},
"title": "The request parameters to get failed DNS queries",
"type": "object"
}
DnsForwarder (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource"
},
"id": "DnsForwarder",
"module_id": "DnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cache_size": {
"default": 1024,
"description": "One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache size can cache ~8 DNS answer entries, and the default 1024 KB cache size can hold ~8k DNS answer entries.",
"maximum": 16777216,
"minimum": 1,
"required": false,
"title": "Cache size in KB",
"type": "int"
},
"conditional_forwarders": {
"description": "The conditional zone forwarders. During matching a zone forwarder, the DNS forwarder will use the conditional fowarder with the longest domain name that matches the query.",
"items": {
"$ref": "ConditionalForwarderZone"
},
"maxItems": 5,
"required": false,
"title": "Conditional zone forwarders",
"type": "array"
},
"default_forwarder": {
"$ref": "ForwarderZone",
"description": "The default zone forwarder that catches all other domain names except those matched by conditional forwarder zone.",
"required": true,
"title": "Default zone forwarder"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable/disable the forwarder",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"listener_ip": {
"$ref": "IPv4Address",
"description": "The ip address the DNS forwarder listens on. It can be an ip address already owned by the logical-router uplink port or router-link, or a loopback port ip address. But it can not be a downlink port address. User needs to ensure the address is reachable via router or NAT from both client VMs and upstream servers. User will need to create Firewall rules if needed to allow such traffic on a Tier-1 or Tier-0.",
"required": true,
"title": "Listener ip address"
},
"log_level": {
"default": "INFO",
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"FATAL"
],
"required": false,
"title": "Log level of the DNS forwarder",
"type": "string"
},
"logical_router_id": {
"description": "Specify the LogicalRouter where the DnsForwarder runs. The HA mode of the hosting LogicalRouter must be Active/Standby.",
"required": true,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DnsForwarderListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult"
},
"id": "DnsForwarderListResult",
"module_id": "DnsForwarder",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsForwarder"
},
"required": true,
"title": "Paginated list of DNS forwarders",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DnsForwarderStatistics (type) (Deprecated)
{
"deprecated": true,
"description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders.",
"id": "DnsForwarderStatistics",
"module_id": "AggSvcDnsForwarder",
"properties": {
"conditional_forwarder_statistics": {
"items": {
"$ref": "PerForwarderStatistics"
},
"maxItems": 5,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of conditional forwarders",
"type": "array"
},
"configured_cache_size": {
"readonly": true,
"title": "The configured cache size, in kb",
"type": "integer"
},
"default_forwarder_statistics": {
"$ref": "PerForwarderStatistics",
"readonly": true,
"title": "The statistics of default forwarder"
},
"error_message": {
"readonly": true,
"required": false,
"title": "Error message, if available",
"type": "string"
},
"queries_answered_locally": {
"readonly": true,
"title": "The totocal number of queries answered from local cache",
"type": "integer"
},
"queries_forwarded": {
"readonly": true,
"title": "The total number of forwarded dns queries",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "Time stamp of the current statistics, in ms"
},
"total_queries": {
"readonly": true,
"title": "The total number of received dns queries",
"type": "integer"
},
"used_cache_statistics": {
"items": {
"$ref": "PerNodeUsedCacheStatistics"
},
"maxItems": 2,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of used cache",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder",
"type": "object"
}
DnsForwarderStats (type)
{
"additionalProperties": false,
"id": "DnsForwarderStats",
"module_id": "PolicyVpcStatistics",
"properties": {
"statistics_per_enforcement_point": {
"items": {
"$ref": "EnforcementDnsForwarderStatistics"
},
"readonly": true,
"required": true,
"title": "Statistics for DNS Forwarder Enforcement.",
"type": "array"
}
},
"type": "object"
}
DnsForwarderStatus (type) (Deprecated)
{
"deprecated": true,
"description": "The current runtime status of the DNS forwarder including the hosting transport nodes and forwarder service status.",
"id": "DnsForwarderStatus",
"module_id": "AggSvcDnsForwarder",
"properties": {
"active_node": {
"readonly": true,
"title": "Uuid of active transport node",
"type": "string"
},
"extra_message": {
"readonly": true,
"required": false,
"title": "Extra message, if available",
"type": "string"
},
"standby_node": {
"readonly": true,
"required": false,
"title": "Uuid of stand_by transport node. null if non-HA mode",
"type": "string"
},
"status": {
"description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The dns forwarder may be working (or not working). NO_BACKUP means dns forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP"
],
"readonly": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "Time stamp of the current status, in ms"
}
},
"title": "The current runtime status of DNS forwarder",
"type": "object"
}
DnsHeader (type)
{
"additionalProperties": false,
"id": "DnsHeader",
"module_id": "Traceflow",
"properties": {
"address": {
"description": "This is used to define what is being asked or responded.",
"format": "hostname-or-ip",
"required": false,
"title": "Domain name/IP to query/response",
"type": "string"
},
"address_type": {
"default": "V4",
"description": "This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA",
"enum": [
"V4",
"V6"
],
"required": false,
"title": null,
"type": "string"
},
"message_type": {
"default": "QUERY",
"enum": [
"QUERY",
"RESPONSE"
],
"required": false,
"title": "Specifies the message type whether it is a query or a response.",
"type": "string"
}
},
"type": "object"
}
DnsQueryAnswer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "DnsQueryAnswer",
"module_id": "DnsForwarder",
"properties": {
"address": {
"description": "Can be resolved ip address.",
"required": false,
"title": "Matched ip address",
"type": "string"
},
"name": {
"description": "Matched name of the given address.",
"required": false,
"title": "Matched name",
"type": "string"
},
"raw_string": {
"description": "Unparsed answer string from raw_answer.",
"required": false,
"title": "Unparsed answer string",
"type": "string"
}
},
"title": "Answer of nslookup",
"type": "object"
}
DnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Used to configure DNS security profile",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ttl": {
"default": 86400,
"description": "Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet. User defined TTL value is used only when it is betweeen 3600 to 864000.",
"maximum": 864000,
"minimum": 0,
"required": false,
"title": "Time to live for DNS cache entry",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DNS security profile",
"type": "object"
}
DnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between DNS security profile and Group. With this entity, user can specify intent for applying DNS security profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap"
},
"id": "DnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number DNS Security Profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Binding Map for DNS Security Profile",
"type": "object"
}
DnsSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DnsSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DNS Security Profile Binding Map List Request Parameters",
"type": "object"
}
DnsSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DnsSecurityProfileBindingMapListResult",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfileBindingMap"
},
"requried": true,
"title": "DNS Security Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DNS Security Profile Binding Map",
"type": "object"
}
DnsSecurityProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DnsSecurityProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfile"
},
"required": true,
"title": "DnsSecurityProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of DnsSecurityProfile",
"type": "object"
}
DnsTtlConfig (type)
{
"description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.",
"id": "DnsTtlConfig",
"module_id": "FirewallProfile",
"properties": {
"dns_ttl_type": {
"description": "TTL type to decide how to manage ttl.",
"enum": [
"USE_TTL",
"AUTO",
"NEVER_EXPIRE"
],
"help_summary": "Use 'USE_TTL' to set custom ttl with the help of 'ttl' property.\nUse 'AUTO' to set ttl value from DNS response packet.\nUse 'NEVER_EXPIRE' to never expire cached entry.\n",
"required": true,
"title": "TTL type.",
"type": "string"
},
"ttl": {
"default": 86400,
"description": "The number of seconds that snooped DNS responses are retained in the cache. Used only when dns_ttl_type is USE_TTL.",
"maximum": 864000,
"minimum": 3600,
"required": false,
"title": "DNS server TTL",
"type": "integer"
}
},
"title": "DNS TTL config",
"type": "object"
}
Domain (type)
{
"additionalProperties": false,
"description": "Domain.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "Domain",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildBridgeFirewallPolicy",
"ChildCommunicationMap",
"ChildDomainDeploymentMap",
"ChildEndpointPolicy",
"ChildGatewayPolicy",
"ChildGroup",
"ChildIdsGatewayPolicy",
"ChildIdsSecurityPolicy",
"ChildRedirectionPolicy",
"ChildSecurityPolicy"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain",
"type": "object"
}
DomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of domain to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "DomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "Path of enforcement point on which domain shall be enforced.",
"required": true,
"title": "Absolute path of enforcement point",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"DomainDeploymentMap"
],
"relationshipType": "DEPLOYMENT_MAP_ENFORCEMENT_POINT_RELATIONSHIP",
"rightType": [
"EnforcementPoint"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain Deployment Map",
"type": "object"
}
DomainDeploymentMapListRequestParameters (type)
{
"additionalProperties": false,
"description": "Domain Deployment Map list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DomainDeploymentMapListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain Deployment Map List Request Parameters",
"type": "object"
}
DomainDeploymentMapListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Domain Deployment Map.",
"extends": {
"$ref": "ListResult"
},
"id": "DomainDeploymentMapListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Domain Deployment Map list result.",
"items": {
"$ref": "DomainDeploymentMap"
},
"required": true,
"title": "Domain Deployment Map List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domain Deployment Map",
"type": "object"
}
DomainListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "DomainListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain list request parameters",
"type": "object"
}
DomainListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "DomainListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Domain"
},
"required": true,
"title": "Domain list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domains",
"type": "object"
}
DonutConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Donut",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "DonutConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DonutConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"count": {
"description": "Expression to retrieve count to be shown on Donut.",
"title": "Expression to retrieve count to be shown on Donut",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_count": {
"default": true,
"description": "If true, displays the count of entities in the donut",
"title": "Show or hide the count of entities",
"type": "boolean"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"label": {
"$ref": "Label",
"description": "Displayed at the middle of the donut, by default. It labels the entities of donut.",
"title": "Label of the Donut Configuration"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"sections": {
"decription": "High level logical grouping of portions or segments of donut.",
"items": {
"$ref": "DonutSection"
},
"minItems": 1,
"required": true,
"title": "Sections",
"type": "array"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Donut Configuration",
"type": "object"
}
DonutPart (type)
{
"additionalProperties": false,
"description": "Represents an entity or portion to be plotted on a donut or stats chart.",
"id": "DonutPart",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the part will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"title": "Expression for evaluating condition",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "A numerical value that represents the portion or entity of the donut or stats chart.",
"maxLength": 1024,
"required": true,
"title": "Value of the portion or entity of donut or stats chart",
"type": "string"
},
"hide_empty_legend": {
"default": false,
"description": "If true, legend will be shown only if the data for the part is available. This is applicable only if legends are specified in widget configuration.",
"title": "Hide the legend if the data for the part is not available",
"type": "boolean"
},
"label": {
"$ref": "Label",
"description": "If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template.",
"title": "Label of the portion or entity of donut or stats chart"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration"
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the portion.",
"items": {
"$ref": "Tooltip"
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
}
},
"title": "Portion of a donut or stats chart",
"type": "object"
}
DonutSection (type)
{
"additionalProperties": false,
"description": "Represents high level logical grouping of portions or segments of a donut / stats chart.",
"id": "DonutSection",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"parts": {
"description": "Array of portions or parts of the donut or stats chart.",
"items": {
"$ref": "DonutPart"
},
"minItems": 1,
"required": true,
"title": "Parts of a donut / stats chart",
"type": "array"
},
"row_list_field": {
"description": "Field of the root of the api result set for forming parts.",
"maxLength": 1024,
"title": "Field from which parts of the donut or stats chart are formed",
"type": "string"
},
"template": {
"default": false,
"description": "If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'.",
"title": "Template, if any, for automatically forming the donut or stats parts",
"type": "boolean"
}
},
"title": "Section of a donut or stats chart",
"type": "object"
}
DpuFailoverPolicy (type)
{
"additionalProperties": false,
"id": "DpuFailoverPolicy",
"module_id": "InventoryCmObj",
"properties": {
"active_uplinks": {
"description": "Array of configured active uplinks on DVS for DPU failover policy.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Active uplinks",
"type": "array"
},
"standby_uplinks": {
"description": "Array of configured standby uplinks on DVS for DPU failover policy.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Standby uplinks",
"type": "array"
}
},
"type": "object"
}
DpuInfo (type)
{
"description": "Details of data processing unit (DPU) present on a ESXi Host.",
"id": "DpuInfo",
"module_id": "FabricNode",
"properties": {
"dpu_id": {
"description": "Specifies Id of DPU.",
"readonly": true,
"required": true,
"title": "Id of DPU",
"type": "string"
},
"firmware_version": {
"description": "Specifies the firmware version of DPU.",
"readonly": true,
"required": false,
"title": "Firmware version of DPU",
"type": "string"
},
"is_primary": {
"description": "Specifies whether this is considered the primary DPU in the host.",
"readonly": true,
"required": false,
"title": "Primary flag of DPU",
"type": "boolean"
},
"model": {
"description": "Specifies the model of DPU.",
"readonly": true,
"required": false,
"title": "Model of the DPU",
"type": "string"
},
"os_version": {
"description": "Specifies the operating system version of DPU.",
"readonly": true,
"required": false,
"title": "Operating system version of DPU",
"type": "string"
},
"state": {
"description": "Specifies state of DPU.",
"enum": [
"UNAVAILABLE",
"UNMANAGED",
"UNUSED",
"MANAGED",
"INVALID"
],
"readonly": true,
"required": false,
"title": "State of DPU",
"type": "string"
},
"vendor": {
"description": "Specifies the vendor of DPU.",
"readonly": true,
"required": false,
"title": "Vendor of DPU",
"type": "string"
}
},
"title": "DPU information for a Host Transport node",
"type": "object"
}
DpuStatusProperties (type)
{
"id": "DpuStatusProperties",
"module_id": "ApplianceStats",
"properties": {
"cpu_cores": {
"description": "The number of CPU cores on the system.",
"readonly": true,
"title": "CPU core count",
"type": "integer"
},
"dpu_alias": {
"description": "DPU alias",
"readonly": true,
"title": "Data processing unit alias",
"type": "string"
},
"dpu_id": {
"readonly": true,
"title": "Data processing unit ID",
"type": "string"
},
"load_average": {
"description": "One, five, and fifteen minute load averages for the system.",
"items": {
"type": "number"
},
"readonly": true,
"title": "System load average",
"type": "array"
},
"mem_cache": {
"description": "Amount of RAM on the system that can be flushed out to disk, in kilobytes.",
"readonly": true,
"title": "Cached RAM size in kilobytes",
"type": "integer"
},
"mem_total": {
"description": "System Amount of RAM allocated to the system, in kilobytes.",
"readonly": true,
"title": "Total RAM size in kilobytes",
"type": "integer"
},
"mem_used": {
"description": "Amount of RAM in use on the system, in kilobytes.",
"readonly": true,
"title": "Used RAM size in kilobytes",
"type": "integer"
}
},
"title": "Data processing unit status properties",
"type": "object"
}
DriverConfig (type)
{
"extends": {
"$ref": "HighPerformanceConfig"
},
"id": "DriverConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "DRIVER_CONFIG"
},
"properties": {
"driver_info": {
"items": {
"type": "string"
},
"title": "This is physical nic driver version.",
"type": "array"
},
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams"
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "These are driver specific configuration options.",
"type": "object"
}
DropStatsOutlier (type)
{
"description": "Outlier for packet drop statistics",
"id": "DropStatsOutlier",
"module_id": "ConsistencyCheck",
"properties": {
"deviation": {
"description": "Number of standard deviations away from the mean",
"readonly": true,
"required": true,
"title": "Number of standard deviations away from the mean",
"type": "number"
},
"drop_pps": {
"description": "Average number of packets dropped per second across the cluster",
"readonly": true,
"required": true,
"title": "Average number of packets dropped per second across the cluster",
"type": "number"
},
"observed_until": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp till the packet drop rate, i.e. drop outlier was detected",
"readonly": true,
"required": true,
"title": "Timestamp till the packet drop rate, i.e. drop outlier was detected"
},
"pnic_rx_pps": {
"description": "Average packets being received per second for physical nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being received per second for physical nic across the cluster",
"type": "number"
},
"pnic_tx_pps": {
"description": "Average packets being transmitted per second for physical nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for physical nic across the cluster",
"type": "number"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the packet drop rate, i.e. drop outlier was detected",
"readonly": true,
"required": true,
"title": "Timestamp when the packet drop rate, i.e. drop outlier was detected"
},
"vnic_rx_pps": {
"description": "Average packets being received per second for virtual nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being received per second for virtual nic across the cluster",
"type": "number"
},
"vnic_tx_pps": {
"description": "Average packets being transmitted per second for virtual nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for virtual nic across the cluster",
"type": "number"
}
},
"title": "Outlier for packet drop statistics",
"type": "object"
}
DropdownFilterPlotConfiguration (type)
{
"additionalProperties": false,
"description": "Dropdown Filter plotting configuration.",
"extends": {
"$ref": "WidgetPlotConfiguration"
},
"id": "DropdownFilterPlotConfiguration",
"module_id": "NsxDashboard",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"allow_search": {
"default": false,
"description": "Allow search on drop down filter.",
"title": "Allow search on drop down filter",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
}
},
"title": "Dropdown Filtert plotting configuration",
"type": "object"
}
DropdownFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for dropdown filter widget.",
"extends": {
"$ref": "FilterWidgetConfiguration"
},
"id": "DropdownFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DropdownFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"default_value": {
"description": "Expression to specify default value of filter.",
"title": "Expression to specify default value",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"dropdown_filter_plot_config": {
"$ref": "DropdownFilterPlotConfiguration",
"description": "Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only.",
"required": false,
"title": "Dropdown filter plotting configuration"
},
"dropdown_item": {
"$ref": "DropdownItem",
"description": "Defines the item of a dropdown.",
"required": false,
"title": "Definition for item of a dropdown"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"placeholder_msg": {
"description": "Placeholder message to be displayed in dropdown filter.",
"title": "Placeholder message to be shown in filter",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"static_filter_condition": {
"description": "If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally.",
"title": "Expression for evaluating condition",
"type": "string"
},
"static_filters": {
"description": "Additional static items to be added in dropdown filter. Example can be 'ALL'.",
"items": {
"$ref": "StaticFilter"
},
"title": "Additional static items to be added in dropdown filter",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Dropdown Filter widget Configuration",
"type": "object"
}
DropdownItem (type)
{
"additionalProperties": false,
"id": "DropdownItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"additional_value": {
"description": "An additional key-value pair for item to be display in dropdown.",
"required": false,
"title": "An additional value for item to be display in dropdown.",
"type": "object"
},
"display_name": {
"description": "expression to extract display name to be shown in the drop down.",
"maxLength": 1024,
"title": "Display name for item to be displayed in dropdown",
"type": "string"
},
"field": {
"description": "An expression that represents the items of the dropdown filter.",
"required": true,
"title": "Expression for dropdown items of filter",
"type": "string"
},
"short_display_name": {
"description": "Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used.",
"maxLength": 1024,
"title": "A property value to be shown once value is selected for a filter.",
"type": "string"
},
"value": {
"description": "Value of filter inside dropdown filter.",
"required": true,
"title": "Value for item to be displayed in dropdown",
"type": "string"
}
},
"title": "Dropdown item definition",
"type": "object"
}
Dscp (type) (Deprecated)
{
"deprecated": true,
"description": "Dscp value is ignored in case of 'TRUSTED' DscpMode.",
"id": "Dscp",
"module_id": "QosSwitchingProfile",
"properties": {
"mode": {
"$ref": "DscpMode"
},
"priority": {
"default": 0,
"maximum": 63,
"minimum": 0,
"title": "Internal Forwarding Priority",
"type": "int"
}
},
"required": true,
"title": "One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer",
"type": "object"
}
DscpBit (type)
{
"additionalProperties": false,
"description": "To define the Dscp bit in Global In-band network telemetry configuration.",
"extends": {
"$ref": "DscpIndicator"
},
"id": "DscpBit",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_BIT"
},
"properties": {
"dscp_bit": {
"description": "A DSCP bit is allocated to indicate the existence of INT header. It takes effect only when the INT indicator mode is DSCP_BIT. The user should guarantee that the given DSCP bit is specifically allocated for INT.",
"maximum": 5,
"minimum": 0,
"required": true,
"title": "DSCP bit for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DscpIndicator (type)
{
"abstract": true,
"additionalProperties": false,
"description": "The DscpIndicator is the base class for global In-band network telemetry configurations for different types in a NSX domain.",
"id": "DscpIndicator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "indicator_type"
},
"properties": {
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Abstract base type for Global In-band network telemetry configuration",
"type": "object"
}
DscpMode (type) (Deprecated)
{
"default": "TRUSTED",
"deprecated": true,
"enum": [
"TRUSTED",
"UNTRUSTED"
],
"id": "DscpMode",
"module_id": "QosSwitchingProfile",
"title": "Trust settings",
"type": "string"
}
DscpTrustMode (type)
{
"default": "TRUSTED",
"description": "When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port.",
"enum": [
"TRUSTED",
"UNTRUSTED"
],
"id": "DscpTrustMode",
"module_id": "PolicyQoS",
"title": "Trust settings",
"type": "string"
}
DscpValue (type)
{
"additionalProperties": false,
"description": "To define the Dscp value in Global In-band network telemetry configuration.",
"extends": {
"$ref": "DscpIndicator"
},
"id": "DscpValue",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_VALUE"
},
"properties": {
"dscp_value": {
"description": "A DSCP value is allocated to indicate the existence of INT header. It takes effects only when the INT indicator mode is DSCP_VALUE. The user should guarantee that the given DSCP value is specifically allocated for INT.",
"maximum": 63,
"minimum": 1,
"required": true,
"title": "DSCP value for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DuplicateAddressBindingEntry (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "AddressBindingEntry"
},
"id": "DuplicateAddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier",
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"conflicting_port": {
"description": "Provides the ID of the port on which the same address bidning exists",
"required": false,
"title": "ID of logical port with the same address binding",
"type": "string"
},
"source": {
"$ref": "AddressBindingSource",
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Duplicate address binding information",
"type": "object"
}
DuplicateIPDetection (type) (Deprecated)
{
"deprecated": true,
"id": "DuplicateIPDetection",
"module_id": "IpDiscoverySwitchingProfile",
"properties": {
"duplicate_ip_detection_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indicates whether duplicate IP detection should be enabled",
"type": "boolean"
}
},
"title": "Duplicate IP detection and control",
"type": "object"
}
DuplicateIPDetectionOptions (type)
{
"additionalProperties": false,
"description": "Contains dupliacte IP detection related discovery options.",
"id": "DuplicateIPDetectionOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"duplicate_ip_detection_enabled": {
"default": false,
"description": "Indicates whether duplicate IP detection should be enabled",
"required": false,
"title": "Duplicate IP detection",
"type": "boolean"
}
},
"title": "Controls duplicate IP detection options",
"type": "object"
}
Dvpg (type)
{
"additionalProperties": false,
"description": "DVPG details.",
"id": "Dvpg",
"module_id": "OverlayAdoption",
"properties": {
"data_center_id": {
"description": "Datacenter ID.",
"readonly": true,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": true,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"id": {
"description": "DVPG ID.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"name": {
"description": "DVPG name.",
"readonly": true,
"required": false,
"title": "DVPG name",
"type": "string"
},
"vds_id": {
"description": "VDS ID.",
"readonly": true,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": true,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "A single vlan ID or comma separated vlan ranges. Example - \"200\" or \"1-100,201-300\"",
"readonly": true,
"required": false,
"title": "VLAN ID",
"type": "string"
},
"vm_count": {
"description": "Number of vm's that belong to dvpg.",
"readonly": true,
"required": false,
"title": "Number of vm's",
"type": "int"
}
},
"title": "DVPG details",
"type": "object"
}
DvpgAggregateInfo (type)
{
"additionalProperties": false,
"description": "DVPG aggregate info.",
"id": "DvpgAggregateInfo",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode",
"description": "Assessment result for the resource.",
"readonly": true,
"required": false,
"title": "Assessment result for the resource"
},
"dvpg": {
"$ref": "Dvpg",
"description": "DVPG details",
"readonly": true,
"required": false,
"title": "DVPG details"
},
"migration_status": {
"$ref": "DvpgMigrationStatus",
"description": "DVPG migration status.",
"readonly": true,
"required": false,
"title": "DVPG migration status"
}
},
"title": "DVPG aggregate info",
"type": "object"
}
DvpgAggregateInfoListRequestParameters (type)
{
"description": "DVPG aggregate info list request parameters.",
"extends": {
"$ref": "DvpgListRequestParameters"
},
"id": "DvpgAggregateInfoListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode",
"description": "Assessment result for the resource.",
"readonly": false,
"required": false,
"title": "Assessment result for the resource"
},
"data_center_id": {
"description": "Datacenter ID.",
"readonly": false,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": false,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": false,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": false,
"required": false,
"title": "DVPG name",
"type": "string"
},
"migration_status": {
"$ref": "DvpgMigrationStatus",
"description": "DVPG migration status.",
"readonly": false,
"required": false,
"title": "DVPG migration status"
},
"vds_id": {
"description": "VDS ID.",
"readonly": false,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": false,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID.",
"readonly": false,
"required": false,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG aggregate info list request parameters",
"type": "object"
}
DvpgAggregateInfoListResult (type)
{
"additionalProperties": false,
"description": "List of DVPG aggregate info.",
"extends": {
"$ref": "ListResult"
},
"id": "DvpgAggregateInfoListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of DVPG aggregate info.",
"items": {
"$ref": "DvpgAggregateInfo"
},
"readonly": true,
"required": true,
"title": "Paged collection of DVPG aggregate info",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of DVPG aggregate info",
"type": "object"
}
DvpgAndSegmentWorkflowResource (type)
{
"additionalProperties": false,
"description": "DVPG and segment workflow resource.",
"extends": {
"$ref": "WorkflowResource"
},
"id": "DvpgAndSegmentWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DvpgAndSegmentWorkflowResource"
},
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType",
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "DVPG and segment workflow resource",
"type": "object"
}
DvpgAndSubnetMigrationUnit (type)
{
"additionalProperties": false,
"description": "DVPG and subnet migration unit.",
"id": "DvpgAndSubnetMigrationUnit",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_and_subnet_to_segment_migration_info_list": {
"description": "Collection of DVPG and subnet migration to segment migration info.",
"items": {
"$ref": "DvpgAndSubnetToSegmentMigrationInfo"
},
"readonly": true,
"required": false,
"title": "Collection of DVPG and subnet migration to segment migration info",
"type": "array"
},
"ip_subnets": {
"$ref": "VnicIpSubnets",
"description": "A VnicIpSubnets shared by vNICs connected to a DVPG.",
"readonly": true,
"required": false,
"title": "A VnicIpSubnets shared by vNICs connected to a DVPG"
},
"migration_status": {
"$ref": "DvpgAndSubnetMigrationUnitStatus",
"description": "DVPG and subnet unit migration status.",
"readonly": true,
"required": false,
"title": "DVPG and subnet unit migration status"
},
"vm_count": {
"description": "Number of VMs connected to a DVPG in the subnets specified by the the property \"subnets\".",
"readonly": true,
"required": false,
"title": "Number of VMs connected to a DVPG in the subnets",
"type": "int"
}
},
"title": "DVPG and subnet migration unit",
"type": "object"
}
DvpgAndSubnetMigrationUnitStatus (type)
{
"description": "DVPG and subnet migration unit status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgAndSubnetMigrationUnitStatus",
"module_id": "OverlayAdoption",
"title": "DVPG and subnet migration unit status",
"type": "string"
}
DvpgAndSubnetToSegmentMigrationInfo (type)
{
"additionalProperties": false,
"description": "DVPG and subnet to segment migration info.",
"id": "DvpgAndSubnetToSegmentMigrationInfo",
"module_id": "OverlayAdoption",
"properties": {
"migration_status": {
"$ref": "DvpgAndSubnetToSegmentMigrationStatus",
"description": "DVPG and subnet to segment migration status.",
"readonly": true,
"required": false,
"title": "DVPG and subnet to segment migration status"
},
"segment_path": {
"description": "Segment path.",
"readonly": true,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "DVPG and subnet to segment migration info",
"type": "object"
}
DvpgAndSubnetToSegmentMigrationStatus (type)
{
"description": "DVPG and subnet to segment migration status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgAndSubnetToSegmentMigrationStatus",
"module_id": "OverlayAdoption",
"title": "DVPG and subnet to segment migration status",
"type": "string"
}
DvpgIdAndSegmentPathPair (type)
{
"additionalProperties": false,
"description": "DVPG ID and Segment path pair.",
"id": "DvpgIdAndSegmentPathPair",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "DVPG ID and Segment path pair",
"type": "object"
}
DvpgListRequestParameters (type)
{
"description": "DVPG list request parameters",
"id": "DvpgListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"data_center_id": {
"description": "Datacenter ID.",
"readonly": false,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": false,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": false,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": false,
"required": false,
"title": "DVPG name",
"type": "string"
},
"vds_id": {
"description": "VDS ID.",
"readonly": false,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": false,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID.",
"readonly": false,
"required": false,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG list request parameters",
"type": "object"
}
DvpgListResult (type)
{
"additionalProperties": false,
"description": "List of DVPGs.",
"extends": {
"$ref": "ListResult"
},
"id": "DvpgListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of DVPGs.",
"items": {
"$ref": "Dvpg"
},
"readonly": true,
"required": true,
"title": "Paged collection of DVPGs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of DVPGs",
"type": "object"
}
DvpgMappingInfo (type)
{
"additionalProperties": false,
"description": "Mapping info for a DVPG to which an overlay segment has been bridged.",
"id": "DvpgMappingInfo",
"module_id": "OverlayAdoption",
"properties": {
"bridge_profile_path": {
"description": "Policy path of the L2 bridge profile that has been used for bridging the segment and DVPG",
"readonly": true,
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"bridging_mode": {
"$ref": "BridgingMode",
"description": "Bridging mode.",
"readonly": true,
"required": true,
"title": "Bridging mode"
},
"dvpg_id": {
"description": "DVPG ID to which the overlay segment has been bridged.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": true,
"required": true,
"title": "DVPG name",
"type": "string"
},
"ipv4_subnet": {
"description": "IPv4 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed.",
"readonly": true,
"required": false,
"title": "IPv4 subnet of some/all vNICs connected to the DVPG",
"type": "string"
},
"ipv6_subnet": {
"description": "IPv6 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed.",
"readonly": true,
"required": false,
"title": "IPv6 subnet of some/all vNICs connected to the DVPG",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID of the DVPG that has been bridged to overlay segment.",
"readonly": true,
"required": true,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG mapping info",
"type": "object"
}
DvpgMigrationInfo (type)
{
"additionalProperties": false,
"description": "Detailed DVPG migration info.",
"id": "DvpgMigrationInfo",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_and_subnet_migration_units": {
"description": "Collection of DVPG and subnet migration units.",
"items": {
"$ref": "DvpgAndSubnetMigrationUnit"
},
"readonly": true,
"required": false,
"title": "Collection of DVPG and subnet migration units",
"type": "array"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
}
},
"title": "DVPG migration info",
"type": "object"
}
DvpgMigrationInfoRequestParameters (type)
{
"description": "DVPG migration info request parameters.",
"id": "DvpgMigrationInfoRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
}
},
"title": "DVPG migration info request parameters",
"type": "object"
}
DvpgMigrationStatus (type)
{
"description": "DVPG migration status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgMigrationStatus",
"module_id": "OverlayAdoption",
"title": "DVPG migration status",
"type": "string"
}
DvpgWorkflowResource (type)
{
"additionalProperties": false,
"description": "DVPG workflow resource.",
"extends": {
"$ref": "WorkflowResource"
},
"id": "DvpgWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DvpgWorkflowResource"
},
"properties": {
"dvpg_id": {
"description": "DVPG Id.",
"readonly": false,
"required": true,
"title": "DVPG Id",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType",
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "DVPG workflow resource",
"type": "object"
}
DynamicContentFilterQueryParameter (type)
{
"additionalProperties": false,
"id": "DynamicContentFilterQueryParameter",
"properties": {
"scope": {
"enum": [
"NAPP"
],
"title": "Restrict scope of dynamic content filters to report",
"type": "string"
}
},
"type": "object"
}
DynamicContentFilterValue (type)
{
"id": "DynamicContentFilterValue",
"title": "Support bundle dynamic content filter allowed values, for example, NAPP:SERVICE:PLATFORM_SERVICES",
"type": "string"
}
DynamicContentFilters (type)
{
"additionalProperties": false,
"id": "DynamicContentFilters",
"properties": {
"dynamic_content_filters": {
"description": "These filter values will be set by the remote node like the NSX Intelligence Platform for instance. We would not need to know or act on these dynamic content filters, except for passing them on as request parameters along with the support bundle collection API.",
"items": {
"$ref": "DynamicContentFilterValue"
},
"title": "Support bundle content filter allowed values",
"type": "array"
}
},
"type": "object"
}
DynamicPluginFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "DynamicPluginFileProperties",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"file_name": {
"display": {
"order": 2
},
"required": true,
"title": "File name",
"type": "string"
},
"plugin_path": {
"display": {
"order": 1
},
"required": true,
"title": "Plugin id",
"type": "string"
},
"status": {
"display": {
"order": 3
},
"enum": [
"SUCCESS",
"FAILURE"
],
"required": true,
"title": "Upload status",
"type": "string"
}
},
"title": "Plugin file properties",
"type": "object"
}
EPActionForDnsForwarderRequestParameters (type)
{
"id": "EPActionForDnsForwarderRequestParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"action": {
"description": "The valid DNS forwarder actions to be performed on EP are, - clear_cache: Clear the current cache of the dns forwarder from specified enforcement point.",
"enum": [
"clear_cache"
],
"required": true,
"title": "An action to be performed for DNS forwarder on EP",
"type": "string"
},
"enforcement_point_path": {
"default": "/infra/sites/default/enforcement-points/default",
"description": "An enforcement point path, on which the action is to be performed. If not specified, default enforcement point path, /infra/sites/default/enforcement-points/default will be considered.",
"required": false,
"title": "An enforcement point path, on which the action is to be performed",
"type": "string"
}
},
"type": "object"
}
EULAAcceptance (type)
{
"additionalProperties": false,
"description": "Indicate the status of End User License Agreement acceptance",
"extends": {
"$ref": "ManagedResource"
},
"id": "EULAAcceptance",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptance": {
"description": "Acceptance status of End User License Agreement",
"required": true,
"title": "End User License Agreement acceptance status",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA acceptance status",
"type": "object"
}
EULAContent (type)
{
"additionalProperties": false,
"description": "End User License Agreement content",
"extends": {
"$ref": "ManagedResource"
},
"id": "EULAContent",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"content": {
"description": "Content of End User License Agreement",
"required": true,
"sensitive": true,
"title": "End User License Agreement content",
"type": "secure_string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA content",
"type": "object"
}
EULAOutputFormatRequestParameters (type)
{
"additionalProperties": false,
"description": "Indicate output format of End User License Agreement content",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "EULAOutputFormatRequestParameters",
"module_id": "EULA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"value_format": {
"title": "End User License Agreement content output format",
"type": "string"
}
},
"type": "object"
}
EdgeCluster (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "EdgeCluster",
"module_id": "EdgeClusters",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_rules": {
"description": "Set of allocation rules and respected action for auto placement of logical router, DHCP and MDProxy on edge cluster members.",
"items": {
"$ref": "AllocationRule"
},
"required": false,
"title": "Allocation rules for auto placement",
"type": "array"
},
"cluster_profile_bindings": {
"items": {
"$ref": "ClusterProfileTypeIdEntry"
},
"required": false,
"title": "Edge cluster profile bindings",
"type": "array"
},
"deployment_type": {
"$ref": "EdgeDeploymentType",
"description": "This field is a readonly field which shows the deployment_type of members. It returns UNKNOWN if there are no members, and returns VIRTUAL_MACHINE| PHYSICAL_MACHINE if all edge members are VIRTUAL_MACHINE|PHYSICAL_MACHINE. It returns HYBRID if the cluster contains edge members of both types VIRTUAL_MACHINE and PHYSICAL_MACHINE.",
"readonly": true,
"required": false,
"title": "Edge cluster deployment type"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_inter_site_forwarding": {
"description": "Flag should be only use in federation for inter site l2 and l3 forwarding. Before enabling this flag, all the edge cluster members must have remote tunnel endpoint configured. TIER0/TIER1 logical routers managed by GM must be associated with edge cluster which has inter-site forwarding enabled.",
"readonly": true,
"title": "Flag to enable inter site forwarding",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_node_type": {
"$ref": "EdgeClusterNodeType",
"description": "Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes.",
"readonly": true,
"required": false,
"title": "Node type of the cluster members"
},
"members": {
"description": "EdgeCluster only supports homogeneous members. These member should be backed by either EdgeNode or PublicCloudGatewayNode. TransportNode type of these nodes should be the same. DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is recommended to be the same. EdgeCluster supports members of different deployment types.",
"items": {
"$ref": "EdgeClusterMember"
},
"required": false,
"title": "Edge cluster members",
"type": "array"
},
"node_rtep_ips": {
"description": "List of remote tunnel endpoint ipaddress configured on edge cluster for each transport node.",
"items": {
"$ref": "NodeRtepIpsConfig"
},
"readonly": true,
"required": false,
"title": "Remote tunnel endpoint ip address.",
"type": "array"
},
"password_managed_by_vcf": {
"default": false,
"description": "Setting to true enables VCF password management for all edge nodes in the cluster.",
"nsx_feature": "SimplifyEdgeInstallAndOperation",
"readonly": false,
"title": "VCF managed password flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
EdgeClusterAllocationStatus (type)
{
"additionalProperties": false,
"description": "Allocation details of cluster and its members. Contains information of the edge nodes present in cluster, active and standby services of each node, utilization details of configured sub-pools. These allocation details can be monitored by customers to trigger migration of certain service contexts to different edge nodes, to balance the utilization of edge node resources.",
"id": "EdgeClusterAllocationStatus",
"module_id": "EdgeClusters",
"properties": {
"display_name": {
"readonly": true,
"title": "Display name of the edge cluster",
"type": "string"
},
"id": {
"description": "System allotted UUID of edge cluster.",
"readonly": true,
"title": "Unique identifier of edge cluster",
"type": "string"
},
"member_count": {
"description": "Represents the number of edge nodes in the cluster.",
"readonly": true,
"title": "Count of edge nodes present in the cluster",
"type": "int"
},
"members": {
"description": "Allocation details of edge nodes present in the cluster.",
"items": {
"$ref": "EdgeMemberAllocationStatus"
},
"readonly": true,
"title": "Allocation Status of edge nodes",
"type": "array"
}
},
"title": "Allocationd details of edge cluster",
"type": "object"
}
EdgeClusterHighAvailabilityProfileListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "EdgeClusterHighAvailabilityProfileListResult",
"module_id": "PolicyEdgeClusterProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyEdgeHighAvailabilityProfile"
},
"readonly": true,
"required": false,
"title": "Edge Cluster Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Profile queries result",
"type": "object"
}
EdgeClusterInterSiteStatus (type)
{
"additionalProperties": false,
"id": "EdgeClusterInterSiteStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"edge_cluster_id": {
"description": "Id of the edge cluster whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge cluster id",
"type": "string"
},
"edge_cluster_name": {
"description": "Name of the edge cluster whose status is being reported.",
"readonly": true,
"title": "Edge cluster name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the edge cluster inter-site status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"description": "Per edge node inter-site status.",
"items": {
"$ref": "EdgeClusterMemberInterSiteStatus"
},
"readonly": true,
"title": "Per edge node inter-site status",
"type": "array"
},
"overall_status": {
"description": "Overall status of all edge nodes IBGP status in the edge cluster.",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN",
"CONFIGURED"
],
"readonly": true,
"title": "Overall IBGP status in the edge cluster",
"type": "string"
}
},
"type": "object"
}
EdgeClusterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EdgeClusterListResult",
"module_id": "EdgeClusters",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EdgeCluster"
},
"required": true,
"title": "Edge cluster list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EdgeClusterMember (type)
{
"additionalProperties": false,
"id": "EdgeClusterMember",
"module_id": "EdgeClusters",
"properties": {
"description": {
"description": "description of edge cluster member",
"required": false,
"title": "description of edge cluster member",
"type": "string"
},
"display_name": {
"description": "display name of edge cluster member",
"required": false,
"title": "display name of edge cluster member",
"type": "string"
},
"member_index": {
"description": "System generated index for cluster member",
"readonly": true,
"required": false,
"title": "System generated index for cluster member",
"type": "int"
},
"transport_node_id": {
"description": "Identifier of the transport node backed by an Edge node",
"required": true,
"title": "UUID of edge transport node",
"type": "string"
}
},
"type": "object"
}
EdgeClusterMemberAllocationPool (type)
{
"abstract": true,
"additionalProperties": false,
"id": "EdgeClusterMemberAllocationPool",
"module_id": "LogicalRouter",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "allocation_pool_type"
},
"properties": {
"allocation_pool_type": {
"$ref": "AllocationPoolType",
"required": true
}
},
"type": "object"
}
EdgeClusterMemberAllocationProfile (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberAllocationProfile",
"module_id": "LogicalRouter",
"properties": {
"allocation_pool": {
"$ref": "EdgeClusterMemberAllocationPool",
"description": "Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router.",
"required": false,
"title": "Edge Cluster Member Allocation Pool for logical router"
},
"allocation_type": {
"description": "Allocation type is used to specify the mode used to allocate the LR. This is populated only for TIER1 logical router and for TIER0 this will be null.",
"enum": [
"MANUAL",
"AUTO"
],
"readonly": true,
"required": false,
"title": "Resource allocation type",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable the auto-relocation of standby service router running on edge cluster and node associated with the logical router. Only dynamically allocated tier1 logical routers are considered for the relocation.",
"required": false,
"title": "Flag to enable standby service router relocation",
"type": "boolean"
}
},
"type": "object"
}
EdgeClusterMemberIndex (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberIndex",
"module_id": "EdgeClusters",
"properties": {
"member_index": {
"description": "Index for cluster member",
"required": true,
"title": "Index for cluster member",
"type": "int"
}
},
"type": "object"
}
EdgeClusterMemberInterSiteStatus (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberInterSiteStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"established_bgp_sessions": {
"description": "Total number of current established inter-site IBGP sessions.",
"readonly": true,
"title": "Established inter-site IBGP sessions",
"type": "integer"
},
"neighbor_status": {
"description": "Inter-site BGP neighbor status.",
"items": {
"$ref": "BgpNeighborStatusLiteDto"
},
"readonly": true,
"title": "BGP neighbor status",
"type": "array"
},
"status": {
"description": "Edge node IBGP status",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Edge node IBGP status",
"type": "string"
},
"total_bgp_sessions": {
"description": "Total number of inter-site IBGP sessions.",
"readonly": true,
"title": "Total inter-site IBGP sessions",
"type": "integer"
},
"transport_node": {
"$ref": "ResourceReference",
"description": "Edge node details from where the status is being retrived.",
"readonly": true,
"required": true,
"title": "Transport node"
}
},
"type": "object"
}
EdgeClusterMemberStatus (type)
{
"id": "EdgeClusterMemberStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"status": {
"enum": [
"UP",
"DOWN",
"ADMIN_DOWN",
"PARTIALLY_DISCONNECTED",
"UNKNOWN"
],
"required": true,
"title": "Status of an edge node",
"type": "string"
},
"transport_node": {
"$ref": "ResourceReference",
"description": "Transport node backed by an Edge node.",
"required": true,
"title": "UUID of edge transport node"
}
},
"type": "object"
}
EdgeClusterMemberTransportNode (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberTransportNode",
"module_id": "EdgeClusters",
"properties": {
"member_index": {
"description": "System generated index for cluster member",
"required": true,
"title": "System generated index for cluster member",
"type": "int"
},
"transport_node_id": {
"description": "Identifier of the transport node backed by an Edge node",
"required": true,
"title": "UUID of edge transport node",
"type": "string"
}
},
"type": "object"
}
EdgeClusterNodeType (type)
{
"enum": [
"EDGE_NODE",
"PUBLIC_CLOUD_GATEWAY_NODE",
"UNKNOWN"
],
"id": "EdgeClusterNodeType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge cluster node type.",
"type": "string"
}
EdgeClusterState (type)
{
"description": "This holds the state of Edge Cluster. If there are errors in realizing EC outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState"
},
"id": "EdgeClusterState",
"module_id": "EdgeClusters",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Edge Cluster.",
"type": "object"
}
EdgeClusterStatus (type)
{
"id": "EdgeClusterStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"edge_cluster_id": {
"description": "Id of the edge cluster whose status is being reported",
"required": true,
"title": "Edge cluster id",
"type": "string"
},
"edge_cluster_status": {
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"required": true,
"title": "Status of an edge node",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the cluster status was last updated",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"additionalProperties": false,
"items": {
"$ref": "EdgeClusterMemberStatus"
},
"readonly": true,
"title": "Per Edge Node Status",
"type": "array"
}
},
"type": "object"
}
EdgeConfigDiagnosis (type)
{
"additionalProperties": false,
"id": "EdgeConfigDiagnosis",
"properties": {
"failed": {
"$ref": "FailedOrWarningConfig",
"required": true,
"title": "Failed Config",
"type": "object"
},
"passed": {
"items": {
"$ref": "ConfigType"
},
"required": true,
"title": "Passed Config",
"type": "array"
},
"warning": {
"$ref": "FailedOrWarningConfig",
"required": true,
"title": "Config Warning",
"type": "object"
}
},
"type": "object"
}
EdgeConfigurationState (type)
{
"additionalProperties": false,
"description": "This contains fields that captures state of Trackable entities. Edge and VPN state entities extend this object.",
"extends": {
"$ref": "ConfigurationState"
},
"id": "EdgeConfigurationState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Configuration State for Edge and VPN entities.",
"type": "object"
}
EdgeDataplaneCpuStats (type)
{
"additionalProperties": false,
"description": "Provides the dataplane CPU statistics per CPU core for a given edge transport node. It includes the following information: - Core ID. - CPU type. - Number of packets sent and received per second on the core for the last 100ms. - Number of packets received per second from the crypto module, the KNI interface, the slowpath threads and the other cores within the last 100ms. - Statistics of the mega flow cache which holds flow cache key and the corresponding flow cache actions for all the entries. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. - Statistics of the micro flow cache which holds a hash of the entire flow cache key and a pointer to the mega flow cache entry. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. - Percentage of live CPU utilization of the core sampled within the last 60 seconds. - Percentage of CPU utilization of the core for actual packet processing for the last 100ms.",
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneCpuStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cores": {
"description": "Provides the per-core CPU statistics of an edge transport node for the last 100ms. It includes the number of packets sent and received per second; the number of packets received from the crypto module, the other cores, the Kernel Network interface (KNI), and the slowpath threads per second and the CPU packet processing usage. It also provides the live CPU usage of the core sampled within the last 60 seconds. It includes the flow cache statistics since the time the edge dataplane is UP. The flow cache statistics will be reset on edge reboot or edge dataplane restart.",
"items": {
"$ref": "CpuStats"
},
"maxItems": 64,
"title": "Statistics of all CPU cores",
"type": "array"
},
"datapath_cores_mode": {
"description": "Mode of how the datapath cores get the packets from driver",
"readonly": true,
"title": "Datapath core mode",
"type": "string"
}
},
"title": "Edge dataplane CPU stats",
"type": "object"
}
EdgeDataplaneCtrlPrioSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneCtrlPrioSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"ctrl_prio_enabled": {
"description": "Control packet prioritization setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane control packet prioritization setting.",
"type": "object"
}
EdgeDataplaneFlow (type)
{
"additionalProperties": false,
"id": "EdgeDataplaneFlow",
"properties": {
"dst_ip": {
"description": "Destination IP of the flow",
"title": "Destination IP",
"type": "string"
},
"dst_port": {
"description": "Destination port of the flow",
"title": "Destination port",
"type": "integer"
},
"proto": {
"description": "Protocol of the flow",
"title": "Protocol",
"type": "integer"
},
"src_ip": {
"description": "Source IP of the flow",
"title": "Source IP",
"type": "string"
},
"src_port": {
"description": "Source port of the flow",
"title": "Source port",
"type": "integer"
},
"tunnel_dst_ip": {
"description": "Tunnel destination IP of the flow",
"title": "Tunnel destination IP",
"type": "string"
},
"tunnel_src_ip": {
"description": "Tunnel source IP of the flow",
"title": "Tunnel source IP",
"type": "string"
}
},
"title": "Edge dataplane flow record",
"type": "object"
}
EdgeDataplaneFlowCacheSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneFlowCacheSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"flow_cache_enabled": {
"description": "Flow cache setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane Flow Cache mode.",
"type": "object"
}
EdgeDataplaneFlowMonitorMessage (type)
{
"additionalProperties": false,
"id": "EdgeDataplaneFlowMonitorMessage",
"properties": {
"message": {
"description": "Edge dataplane flow monitor message",
"title": "Message",
"type": "string"
}
},
"title": "Edge dataplane flow monitor message",
"type": "object"
}
EdgeDataplaneFlowMonitorStartSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneFlowMonitorStartSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"core_id": {
"description": "Flow monitor core id",
"title": "Core id",
"type": "string"
},
"timeout": {
"default": "15",
"description": "Flow monitor timeout in seconds",
"title": "Timeout for flow monitor in seconds, in the range of 1 - 600.",
"type": "string"
}
},
"title": "Information about Edge Dataplane flow monitor start setting.",
"type": "object"
}
EdgeDataplaneFlowQueryParameters (type)
{
"extends": {
"$ref": "ListResultQueryParameters"
},
"id": "EdgeDataplaneFlowQueryParameters",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"top_10": {
"default": false,
"description": "Collect top 10 flows when set to true, else collect all flows.",
"title": "Collect top 10 flows when set to true",
"type": "boolean"
}
},
"type": "object"
}
EdgeDataplaneFwContexts (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneFwContexts",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"results": {
"description": "Firewall context",
"items": {
"$ref": "FwContexts"
},
"maxItems": 4096,
"title": "Firewall Context",
"type": "array"
}
},
"title": "Information about Edge Dataplane firewall contexts",
"type": "object"
}
EdgeDataplaneGeneveCbitSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneGeneveCbitSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"geneve_cbit_set": {
"description": "geneve critical bit setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane geneve cbit setting.",
"type": "object"
}
EdgeDataplaneIntrModeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneIntrModeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"intr_mode_enabled": {
"description": "interrupt mode setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane interrupt mode setting.",
"type": "object"
}
EdgeDataplaneL2vpnPmtuSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneL2vpnPmtuSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"l2vpn_pmtu_enabled": {
"description": "l2vpn pmtu setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane l2vpn pmtu message generation setting.",
"type": "object"
}
EdgeDataplanePmtuLearningSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplanePmtuLearningSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"pmtu_learning_enabled": {
"description": "l3vpn pmtu setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane pmtu learning setting.",
"type": "object"
}
EdgeDataplaneQatAdminSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneQatAdminSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"qat_admin_enabled": {
"description": "QAT feature enabled setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane QAT feature enabled setting.",
"type": "object"
}
EdgeDataplaneQatAdminSettingResponse (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneQatAdminSettingResponse",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"update_message": {
"description": "Message to display after setting QAT feature",
"readonly": true,
"title": "Datapath QAT enable CLI message",
"type": "string"
}
},
"title": "Information about Edge Dataplane QAT feature enabled setting.",
"type": "object"
}
EdgeDataplaneQatStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneQatStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"admin_status": {
"description": "QAT device enabled",
"readonly": true,
"title": "QAT enabled",
"type": "boolean"
},
"device_present": {
"description": "QAT device present",
"readonly": true,
"title": "QAT present",
"type": "boolean"
},
"fips_compliant": {
"description": "FIPS compliance of QAT feature",
"readonly": true,
"title": "FIPS compliance",
"type": "boolean"
},
"is_vm": {
"description": "Edge is deployed in VM",
"readonly": true,
"title": "VM deployment",
"type": "boolean"
},
"operational_status": {
"description": "QAT device currently running",
"readonly": true,
"title": "QAT running",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane QAT status",
"type": "object"
}
EdgeDataplaneQueueNumPerPortPerCoreSetting (type)
{
"additionalProperties": false,
"description": "Provides information about the number of receive(Rx) and transmit(Tx) queue per port per core on the edge transport node.",
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneQueueNumPerPortPerCoreSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"queue_num_per_port_per_core": {
"description": "The total number of receive(Rx) and transmit(Tx) queues that edge dataplane allocates per port per core.",
"maximum": 16,
"minimum": 1,
"title": "Queue number per port per core",
"type": "integer"
}
},
"title": "Rx and Tx queue number",
"type": "object"
}
EdgeDataplaneRingSize (type)
{
"additionalProperties": false,
"description": "Provides information about the receive(Rx) and transmit(Tx) ring buffer size of the edge dataplane. These buffers store the incoming and outgoing packets on the edge NIC respectively.",
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneRingSize",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"rx_ring_size": {
"description": "The size of the ring buffer which stores the incoming packets on the edge NIC before they are processed.",
"title": "Rx ring size",
"type": "integer"
},
"tx_ring_size": {
"description": "The size of the ring buffer which stores the packets to be sent out from the edge NIC.",
"title": "Tx ring size",
"type": "integer"
}
},
"title": "Edge dataplane ring size",
"type": "object"
}
EdgeDataplaneRingSizeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneRingSizeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"ring_size": {
"description": "ring size",
"type": "integer"
}
},
"title": "Information about Edge physical port ring size setting.",
"type": "object"
}
EdgeDataplaneTopKFlowQueryParameters (type)
{
"extends": {
"$ref": "ListResultQueryParameters"
},
"id": "EdgeDataplaneTopKFlowQueryParameters",
"properties": {
"core_id": {
"description": "CPU core on which the flows are to be monitored",
"maximum": 128,
"minimum": 0,
"title": "CPU core on which the flows are to be monitored",
"type": "integer"
},
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"timeout": {
"default": 30,
"description": "Timeout for flow monitor in seconds",
"maximum": 120,
"minimum": 1,
"title": "Timeout for flow monitor in seconds",
"type": "integer"
}
},
"type": "object"
}
EdgeDataplaneTopKFlows (type)
{
"id": "EdgeDataplaneTopKFlows",
"properties": {
"flow_count": {
"description": "Count of flow records in the result",
"title": "Count of flow records",
"type": "integer"
},
"flows": {
"description": "Array of flow records",
"items": {
"$ref": "EdgeDataplaneFlow"
},
"title": "Array of flow records",
"type": "array"
}
},
"title": "Edge dataplane top-k flow dump",
"type": "object"
}
EdgeDataplaneUptModeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "EdgeDataplaneUptModeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"upt_mode_enabled": {
"default": false,
"description": "UPT (Uniform Pass Thru) mode setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane UPT mode setting.",
"type": "object"
}
EdgeDeploymentType (type)
{
"enum": [
"VIRTUAL_MACHINE",
"PHYSICAL_MACHINE",
"UNKNOWN"
],
"id": "EdgeDeploymentType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge deployment type.",
"type": "string"
}
EdgeDiagnosis (type)
{
"additionalProperties": false,
"id": "EdgeDiagnosis",
"properties": {
"config": {
"$ref": "EdgeConfigDiagnosis",
"required": true,
"title": "Edge Config Diagnosis",
"type": "object"
},
"ha-state": {
"enum": [
"disabled",
"offline",
"discover",
"statesync",
"inactive",
"active",
"unknown"
],
"required": true,
"title": "HA State",
"type": "string"
}
},
"type": "object"
}
EdgeDiagnosisInconsistency (type)
{
"id": "EdgeDiagnosisInconsistency",
"properties": {
"detail": {
"description": "NSX Edge inconsistency check detail",
"items": {
"type": "string"
},
"title": "NSX Edge inconsistency check detail",
"type": "array"
},
"title": {
"description": "NSX Edge inconsistency check type",
"title": "NSX Edge inconsistency check type",
"type": "string"
}
},
"title": "NSX Edge inconsistency check",
"type": "object"
}
EdgeDiagnosisInconsistencyResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "EdgeDiagnosisInconsistencyResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EdgeDiagnosisInconsistency"
},
"title": "NSX Edge inconsistency check result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSX Edge inconsistency check result",
"type": "object"
}
EdgeFailoverChecksConfig (type)
{
"id": "EdgeFailoverChecksConfig",
"module_id": "EdgeUpgrade",
"properties": {
"disable_checks_for_edge_clusters": {
"description": "To disable the pre-checks on selective edge clusters.",
"items": {
"type": "string"
},
"title": "Mentions list of edge cluster policy paths",
"type": "array"
},
"disable_checks_for_unpinned_edges": {
"description": "true: Default behavior for upgrades from 9.0 onwards. Disables the pre-checks for edges that are not pinned. This will perform the checks only for the edges which have \"edge_host_affinity_config\" set in the intent. We will assume an edge to be pinned only when \"edge_host_affinity_config\" set in the intent. Otherwise, the pre-checks will be skipped. false: During host/edge upgrade, perform the checks for all edges, pinned or unpinned alike.",
"required": true,
"title": "Toggle pre-checks between pinned or all edges",
"type": "boolean"
},
"enabled": {
"description": "true: Execute all pre-checks. Default behavior for upgrades from 9.0 onwards. false: To disable all pre-checks.",
"required": true,
"title": "Enable or disable edge failover pre-checks",
"type": "boolean"
}
},
"type": "object"
}
EdgeFormFactor (type)
{
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE"
],
"id": "EdgeFormFactor",
"module_id": "EdgeCommonTypes",
"title": "Supported edge form factor.",
"type": "string"
}
EdgeHighAvailabilityProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ClusterProfile"
},
"id": "EdgeHighAvailabilityProfile",
"module_id": "EdgeHighAvailabilityProfile",
"polymorphic-type-descriptor": {
"type-identifier": "EdgeHighAvailabilityProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_allowed_hops": {
"default": 255,
"maximum": 255,
"minimum": 1,
"required": false,
"title": "BFD allowed hops",
"type": "integer"
},
"bfd_declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"bfd_probe_interval": {
"default": 500,
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "the time interval (in millisec) between probe packets for heartbeat purpose",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType",
"help_summary": "The cluster profile type.",
"required": true
},
"standby_relocation_config": {
"$ref": "StandbyRelocationConfig",
"required": false,
"title": "Standby service contexts relocation setting"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD HA cluster setting",
"type": "object"
}
EdgeHostAffinityConfig (type)
{
"description": "This config allows edge VM to be pinned to a host group. Edge VM to host group affinity rule is configured to define the placement boundary of Edge VM. BestEffortRestart policy is also configured on the VM, with the help of a BER_Edge_VM_Tag, which aligns Edge VM power cycle with the assigned host's maintenance operation. When edge's current host enters host maintenance mode, Edge VM shall gracefully shut down. Once the host exits maintenance mode, edge will get powered on, provided there are no other compatible hosts available in the given host group. If other hosts are available in the given host group, edge will gracefully shut down once the current host enters maintenance mode, and shall be powered on upon another compatible host in the given host group.",
"id": "EdgeHostAffinityConfig",
"module_id": "FabricNode",
"nsx_feature": "EdgeHostPinning",
"properties": {
"host_group_name": {
"description": "Host group name as created on VC to which edge VM is to be pinned. This will configure a ClusterVmHostRuleInfo affinity rule, between Edge VM and given host group",
"required": true,
"title": "Host group name",
"type": "string"
}
},
"type": "object"
}
EdgeIPSecDetermRSSSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "EdgeIPSecDetermRSSSetting",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"deterministic_esp_rss": {
"description": "Deterministically queue ESP packets to CPU queues, to achieve higher throughout.",
"title": "Deterministic ESP RSS Config",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Information about Edge IPSec Deterministic RSS Setting.",
"type": "object"
}
EdgeIPSecDetermRSSValues (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "EdgeIPSecDetermRSSValues",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"deterministic_esp_rss_driver_status": {
"description": "Shows driver status of deterministic esp rss feature.",
"enum": [
"ENABLED",
"DISABLED"
],
"title": "Deterministic ESP RSS Driver Status",
"type": "string"
},
"deterministic_esp_rss_enabled": {
"description": "Shows configured value of deterministic esp rss feature.",
"title": "Deterministic ESP RSS Config Status",
"type": "boolean"
},
"deterministic_esp_rss_status": {
"description": "Shows runtime status of deterministic esp rss feature.",
"enum": [
"ENABLED",
"DISABLED"
],
"title": "Deterministic ESP RSS Runtime Status",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Information about Edge IPSec Deterministic RSS Values.",
"type": "object"
}
EdgeInconsistencyQueryParameters (type)
{
"additionalProperties": false,
"id": "EdgeInconsistencyQueryParameters",
"properties": {
"cursor": {
"description": "A cursor points to a specific record in the inconsistency check result",
"minimum": 0,
"required": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "integer"
},
"page_size": {
"description": "The page size determines the number of records to be returned",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
}
},
"type": "object"
}
EdgeMemberAllocationStatus (type)
{
"additionalProperties": false,
"id": "EdgeMemberAllocationStatus",
"module_id": "EdgeClusters",
"properties": {
"allocated_services": {
"description": "List of services allocated on the edge node.",
"items": {
"$ref": "AllocatedService"
},
"readonly": true,
"title": "Services allocated on edge node",
"type": "array"
},
"allocation_pools": {
"description": "Allocation details of pools defined on the edge node.",
"items": {
"$ref": "AllocationPool"
},
"readonly": true,
"title": "Pool Allocation details",
"type": "array"
},
"member_index": {
"description": "System generated index for transport node backed by edge node.",
"readonly": true,
"title": "System generated index for cluster member",
"type": "int"
},
"node_display_name": {
"description": "Display name of edge cluster member. Defaults to ID if not set.",
"readonly": true,
"title": "Identifier to use when displaying cluster member in logs or GUI",
"type": "string"
},
"node_id": {
"description": "System allotted UUID of edge node.",
"readonly": true,
"title": "Unique identifier of edge node",
"type": "string"
}
},
"type": "object"
}
EdgeNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Node"
},
"id": "EdgeNode",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"type-identifier": "EdgeNode"
},
"properties": {
"allocation_list": {
"description": "List of logical router ids to which this edge node is allocated.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Allocation list",
"type": "array"
},
"deployment_config": {
"$ref": "EdgeNodeDeploymentConfig",
"description": "When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP.",
"required": false,
"title": "Config for automatic deployment of edge node virtual machine."
},
"deployment_type": {
"$ref": "EdgeDeploymentType",
"readonly": true,
"required": false
},
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress"
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress"
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"node_settings": {
"$ref": "EdgeNodeSettings",
"description": "Reports the current configuration of host name, SSH and servers configured for DNS, syslog, NTP. The settings are configured as part of automatic deployment of edge virtual machine. The settings are editable.",
"required": true,
"title": "Current configuration on edge node."
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
EdgeNodeDeploymentConfig (type)
{
"additionalProperties": false,
"id": "EdgeNodeDeploymentConfig",
"module_id": "FabricNode",
"properties": {
"form_factor": {
"$ref": "EdgeFormFactor",
"default": "MEDIUM",
"required": false
},
"node_user_settings": {
"$ref": "NodeUserSettings",
"description": "Username and password settings for the node. Note - these settings will be honored only during node deployment. Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect.",
"required": true,
"title": "Node user settings"
},
"vm_deployment_config": {
"$ref": "DeploymentConfig",
"required": true
}
},
"type": "object"
}
EdgeNodeRefreshRequestParameters (type)
{
"additionalProperties": false,
"id": "EdgeNodeRefreshRequestParameters",
"module_id": "TransportNodeLcm",
"properties": {
"read_only": {
"default": false,
"description": "If readonly is true, then internal objects like resource reservation, allocation etc are updated. Note that Edge transport node intent is not updated. If it is false or if not set, then internal objects and Edge transport node intent both are updated",
"required": false,
"title": "Read-only flag for Refresh API",
"type": "boolean"
}
},
"title": "Parameters for Edge node refresh request",
"type": "object"
}
EdgeNodeServiceLoggingProperties (type)
{
"extends": {
"$ref": "NodeServiceProperties"
},
"id": "EdgeNodeServiceLoggingProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": true,
"title": "Service logging level",
"type": "string"
}
}
},
"title": "Edge node service properties",
"type": "object"
}
EdgeNodeServiceLoggingReadOnlyProperties (type)
{
"extends": {
"$ref": "NodeServiceProperties"
},
"id": "EdgeNodeServiceLoggingReadOnlyProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"readonly": true,
"required": true,
"title": "Service logging level",
"type": "string"
}
}
},
"title": "Edge node service properties",
"type": "object"
}
EdgeNodeSettings (type)
{
"additionalProperties": false,
"description": "The settings are used during deployment and consequent update of an edge, unless indicated otherwise. These settings are editable for manually deployed edge nodes as well. If using DHCP, you must leave the following fields unset: search_domains, management_port_subnets, dns_servers and default_gateway_addresses. EdgeNodeSettings reports current values configured on the edge node. If the settings lag with actual state on the edge, these may be refreshed at NSX Manager using API POST api/v1/transport-nodes /<transport-node-id>?action=refresh_node_configuration&resource_type= EdgeNode",
"id": "EdgeNodeSettings",
"module_id": "FabricNode",
"properties": {
"advanced_configuration": {
"description": "Array of additional specific properties for advanced or cloud- specific deployments in key-value format.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Advanced configuration",
"type": "array"
},
"allow_ssh_root_login": {
"default": false,
"description": "Allowing root SSH logins is not recommended for security reasons. Edit of this property is not supported when updating transport node. Use the CLI to change this property.",
"required": false,
"title": "Allow root SSH logins.",
"type": "boolean"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPAddress"
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"enable_ssh": {
"default": false,
"description": "Enabling SSH service is not recommended for security reasons.",
"required": false,
"title": "Enable SSH.",
"type": "boolean"
},
"enable_upt_mode": {
"default": false,
"description": "Enable Uniform Passthrough ( UPT ) on VMXNET 3 devices to improve overall system performance and reduces latency. Caution: This involves restart of the edge dataplane and hence may lead to network disruption. Use GET api/v1/transport-nodes/<transport-node-id>/state to monitor realization of UPT.",
"readonly": false,
"required": false,
"title": "Enable Uniform Passthrough mode.",
"type": "boolean"
},
"hostname": {
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$",
"required": true,
"title": "Host name or FQDN for edge node.",
"type": "string"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPAddress"
},
"required": false,
"title": "NTP servers.",
"type": "array"
},
"search_domains": {
"description": "List of domain names that are used to complete unqualified host names.",
"items": {
"type": "string"
},
"required": false,
"title": "Search domain names.",
"type": "array"
},
"syslog_servers": {
"description": "List of Syslog server configuration.",
"items": {
"$ref": "SyslogConfiguration"
},
"maxItems": 5,
"required": false,
"title": "Syslog servers",
"type": "array"
}
},
"type": "object"
}
EdgeTnRemoteTunnelEndpointState (type)
{
"additionalProperties": false,
"description": "States of remote Tunnel state.",
"id": "EdgeTnRemoteTunnelEndpointState",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"device_name": {
"readonly": true,
"title": "Name of the remote tunnel endpoint",
"type": "string"
},
"label": {
"readonly": true,
"required": false,
"title": "Unique label for this remote tunnel endpoint",
"type": "int"
},
"mac": {
"$ref": "MACAddress",
"readonly": true,
"title": "MAC address"
},
"realized_ips": {
"description": "Tunnel Configured Ip state",
"items": {
"$ref": "RealizedIp"
},
"title": "Tunnel Endpoints configured ip",
"type": "array"
},
"vlan": {
"$ref": "VlanID",
"readonly": true,
"title": "Vlan id"
}
},
"title": "Edge Transport Node remote tunnel endpoint state",
"type": "object"
}
EdgeTnState (type)
{
"additionalProperties": false,
"description": "This field contains the edge vm deployment and tn config state.",
"extends": {
"$ref": "ConfigurationState"
},
"id": "EdgeTnState",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"consolidated_status": {
"$ref": "ConfigState",
"readonly": true,
"title": "Overall state of edge tn state"
},
"deployment_state": {
"$ref": "ConfigurationState",
"description": "This field contains information about Edge VM deployment status. Any VM deployment failure will be reported in this field.",
"readonly": true,
"title": "Edge VM Deployment Status"
},
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"progress_state": {
"$ref": "TransportNodeDeploymentProgressState",
"readonly": true,
"required": false,
"title": "Deployment progress state of transport node realization"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
},
"transport_node_state": {
"$ref": "ConfigurationState",
"description": "This field contains the info of edge tn switch config state.",
"readonly": true,
"title": "Edge Transport Node state"
}
},
"title": "Edge Transport Node Overall State",
"type": "object"
}
EdgeTnTunnelEndpointState (type)
{
"additionalProperties": false,
"description": "States of Tunnel state.",
"id": "EdgeTnTunnelEndpointState",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"datapath_network_id": {
"readonly": true,
"required": false,
"title": "Data path network associated with this virtual\ntunnel endpoint.\n",
"type": "string"
},
"device_name": {
"readonly": true,
"title": "Name of the virtual tunnel endpoint",
"type": "string"
},
"label": {
"readonly": true,
"required": false,
"title": "Unique label for this Endpoint",
"type": "int"
},
"mac": {
"$ref": "MACAddress",
"readonly": true,
"title": "MAC address"
},
"realized_ips": {
"description": "Tunnel Configured Ip state",
"items": {
"$ref": "RealizedIp"
},
"title": "Tunnel Endpoints configured ip",
"type": "array"
},
"tep_group_label": {
"readonly": true,
"title": "Represent the status of tep group label",
"type": "int"
}
},
"title": "EdgeTnTunnelEndpointState state",
"type": "object"
}
EdgeTransportNodeDatapathMemoryPoolUsage (type)
{
"additionalProperties": false,
"description": "Datapath memory pool usage value.",
"id": "EdgeTransportNodeDatapathMemoryPoolUsage",
"module_id": "ApplianceStats",
"properties": {
"description": {
"description": "Description of the memory pool.",
"readonly": true,
"title": "Description of the memory pool",
"type": "string"
},
"name": {
"description": "Name of the datapath memory pool as available on edge node CLI.",
"readonly": true,
"title": "Name of the datapath memory pool",
"type": "string"
},
"usage": {
"description": "Percentage of memory pool in use.",
"readonly": true,
"title": "Percentage of memory pool in use",
"type": "number"
}
},
"title": "Usage of datapath memory pool",
"type": "object"
}
EdgeTransportNodeDatapathMemoryUsage (type)
{
"additionalProperties": false,
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"id": "EdgeTransportNodeDatapathMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"datapath_heap_usage": {
"description": "Percentage of heap memory in use.",
"readonly": true,
"title": "Percentage of heap memory in use",
"type": "number"
},
"datapath_mem_pools_usage": {
"items": {
"$ref": "EdgeTransportNodeDatapathMemoryPoolUsage",
"description": "Per memory pool percentage in use.",
"readonly": true,
"title": "Per memory pool percentage in use"
},
"type": "array"
},
"highest_datapath_mem_pool_usage": {
"description": "Highest percentage usage value among datapath memory pools.",
"readonly": true,
"title": "Highest percentage usage value among datapath memory pools",
"type": "number"
},
"highest_datapath_mem_pool_usage_names": {
"items": {
"description": "List of datapath memory pool(s) with highest usage.",
"readonly": true,
"title": "Datapath memory pool(s) with highest usage",
"type": "string"
},
"type": "array"
}
},
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage",
"type": "object"
}
EdgeTransportNodeMemoryUsage (type)
{
"additionalProperties": false,
"description": "Point in time usage of system, datapath, swap and cache memory in edge node.",
"id": "EdgeTransportNodeMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"cache_usage": {
"description": "Percentage of RAM on the system that can be flushed out to disk.",
"readonly": true,
"title": "Percentage of RAM on the system that can be flushed out to disk",
"type": "number"
},
"datapath_mem_usage_details": {
"$ref": "EdgeTransportNodeDatapathMemoryUsage",
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"readonly": true,
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage"
},
"datapath_total_usage": {
"description": "Percentage of memory in use by datapath processes which includes RES and hugepage memory.",
"readonly": true,
"title": "Percentage of memory in use by datapath processes",
"type": "number"
},
"swap_usage": {
"description": "Percentage of swap disk in use.",
"readonly": true,
"title": "Percentage of swap disk in use",
"type": "number"
},
"system_mem_usage": {
"description": "Percentage of RAM in use on edge node.",
"readonly": true,
"title": "Percentage of RAM in use on edge node",
"type": "number"
}
},
"title": "Memory usage details of edge node",
"type": "object"
}
EdgeTransportNodeSwitchState (type)
{
"additionalProperties": false,
"description": "States of Tunnel and rtep realized state.",
"id": "EdgeTransportNodeSwitchState",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"remote_tunnel_endpoints": {
"description": "Remote Tunnel Endpoints configuration state.",
"items": {
"$ref": "EdgeTnRemoteTunnelEndpointState"
},
"readonly": true,
"title": "Remote Tunnel Endpoint configuration state",
"type": "array"
},
"switch_name": {
"description": "The name will be unique among all edge tn switches specified in a given Transport Node.",
"readonly": true,
"title": "Edge tn switch name",
"type": "string"
},
"tunnel_endpoints": {
"description": "List of virtual tunnel endpoints which are configured on this switch.",
"items": {
"$ref": "EdgeTnTunnelEndpointState"
},
"readonly": true,
"title": "Tunnel Endpoints configuration state",
"type": "array"
}
},
"title": "EdgeTransportNode switch state",
"type": "object"
}
EdgeTransportNodeType (type)
{
"enum": [
"EDGE_NODE"
],
"id": "EdgeTransportNodeType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge transport node type.",
"type": "string"
}
EdgeUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus"
},
"id": "EdgeUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList",
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus",
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of edge upgrade",
"type": "object"
}
EffectiveIPAddressMemberListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EffectiveIPAddressMemberListResult",
"module_id": "NSGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPElement"
},
"required": true,
"title": "Paged Collection of effective ip addresses for the given NSGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveIPInfo (type)
{
"additionalProperties": false,
"id": "EffectiveIPInfo",
"module_id": "GroupingObjectsProviders",
"properties": {
"effective_ips": {
"items": {
"$ref": "IPElement"
},
"required": true,
"type": "array"
},
"site_id": {
"required": true,
"title": "Id of the site to which the effective IPs belong to\n",
"type": "string"
}
},
"title": "List of effective ip address along with site id",
"type": "object"
}
EffectiveMemberResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EffectiveMemberResourceListResult",
"module_id": "NSGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ResourceReference",
"title": "effective members resource list results"
},
"required": true,
"title": "Paged Collection of resources which are the effective members of an NSGroup.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveMemberTypeListResult (type)
{
"additionalProperties": false,
"id": "EffectiveMemberTypeListResult",
"module_id": "NSGroup",
"properties": {
"result_count": {
"readonly": true,
"required": true,
"title": "Count of the member types in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSGroupValidResourceType"
},
"required": true,
"title": "Collection of member types for the given NSGroup",
"type": "array"
}
},
"type": "object"
}
EffectiveProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EffectiveProfileListResult",
"module_id": "ServiceConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSXProfileReference"
},
"required": true,
"title": "Paged Collection of profiles which are applied to an Entity",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveProfileRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "EffectiveProfileRequestParameters",
"module_id": "ServiceConfig",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"profile_type": {
"required": false,
"title": "Fetch effectivw profiles of the given profile_type",
"type": "string"
},
"resource_id": {
"required": true,
"title": "The resource for which the effective profiles are to be fetched",
"type": "string"
},
"resource_type": {
"$ref": "EffectiveProfileResourceType",
"required": true,
"title": "Type of the resource for which effective profiles are to be fetched"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveProfileResourceType (type)
{
"description": "This enum defines the valid Resource types to be used in effective profiles API",
"enum": [
"NSGroup",
"LogicalPort",
"VirtualMachine",
"TransportNode",
"LogicalRouter",
"LogicalSwitch"
],
"id": "EffectiveProfileResourceType",
"module_id": "ServiceConfig",
"title": "Valid Resource type in effective profiles API",
"type": "string"
}
EffectiveProfilesResponse (type)
{
"additionalProperties": false,
"id": "EffectiveProfilesResponse",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"profiles_list": {
"items": {
"$ref": "SwitchingProfileTypeIdEntry"
},
"required": false,
"type": "array"
}
},
"title": "Enforcement point request entity",
"type": "object"
}
EgressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter"
},
"id": "EgressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "EgressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrption": "Set custom burst_size for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"descrption": "Set custom peak_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies egress rate properties in Mb/s",
"type": "object"
}
EgressRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper"
},
"id": "EgressRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "EgressRateShaper"
},
"properties": {
"average_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies egress rate properties in Mb/s",
"type": "object"
}
EmbeddedResource (type)
{
"abstract": true,
"extends": {
"$ref": "RevisionedResource"
},
"id": "EmbeddedResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"property-name": "resource_type"
},
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink",
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
}
},
"title": "Base class for resources that are embedded in other resources",
"type": "object"
}
EncapsulationType (type)
{
"additionalProperties": false,
"description": "You can choose the encapsulation type of the mirroring, now we support GRE, ERSPAN II and ERSPAN III.",
"enum": [
"GRE",
"ERSPAN_TWO",
"ERSPAN_THREE"
],
"id": "EncapsulationType",
"module_id": "PortMirroring",
"title": "Encapsulation type for L3PortMirrorSession",
"type": "string"
}
Endpoint (type)
{
"description": "An Endpoint object is part of HostSwitch configuration in TransportNode",
"id": "Endpoint",
"module_id": "TransportNode",
"properties": {
"default_gateway": {
"$ref": "IPAddress",
"readonly": true,
"title": "Gateway IP"
},
"device_name": {
"readonly": true,
"title": "Name of the virtual tunnel endpoint",
"type": "string"
},
"ip": {
"$ref": "IPAddress",
"description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.",
"readonly": true,
"title": "IP Address of this virtual tunnel endpoint"
},
"ipv6": {
"$ref": "IPv6EndPoint",
"nsx_feature": "L2Ipv6",
"readonly": true,
"required": false,
"title": "IPv6 endpoint"
},
"label": {
"readonly": true,
"required": false,
"title": "Unique label for this Endpoint",
"type": "int"
},
"mac": {
"$ref": "MACAddress",
"readonly": true,
"title": "MAC address"
},
"subnet_mask": {
"$ref": "IPAddress",
"readonly": true,
"title": "Subnet mask"
}
},
"title": "Tunnel endpoint configuration",
"type": "object"
}
EndpointPolicy (type)
{
"additionalProperties": false,
"description": "Ordered list of Endpoint Rules ordered by sequence number of the entries. The maximum number of policies is 25.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"policy_hierarchical_children": [
"ChildEndpointRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endpoint_rules": {
"items": {
"$ref": "EndpointRule"
},
"required": false,
"title": "Endpoint Rules that are a part of this EndpointPolicy",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between maps across domains.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Endpoint Rules\n",
"type": "object"
}
EndpointPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "EndpointPolicyListRequestParameters",
"module_id": "PolicyGuestIntrospection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "EndpointPolicy list request parameters",
"type": "object"
}
EndpointPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EndpointPolicyListResult",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EndpointPolicy"
},
"required": true,
"title": "Guest Introspection Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Groups",
"type": "object"
}
EndpointRule (type)
{
"additionalProperties": false,
"description": "Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EndpointRule",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 50,
"required": true,
"title": "group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Sequence number of this Entry",
"type": "int"
},
"service_profiles": {
"description": "The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": true,
"title": "Names of service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Endpoint Rule for guest introspection.",
"type": "object"
}
EndpointRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "EndpointRuleListRequestParameters",
"module_id": "PolicyGuestIntrospection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Endpoint Rule list request parameters",
"type": "object"
}
EndpointRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EndpointRuleListResult",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EndpointRule"
},
"required": true,
"title": "Endpoint Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Endpoint Rules",
"type": "object"
}
EnforcedStatusDetailsNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point. This is a detailed view of the Realized Status of an intent object from an NSX-T enforcement point perspective.",
"id": "EnforcedStatusDetailsNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status_info": {
"$ref": "EnforcedStatusInfoNsxT",
"description": "Information about the realized status of the intent on this enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info.",
"readonly": true,
"title": "Enforced Realized Status Info"
},
"pending_changes_info": {
"$ref": "PendingChangesInfoNsxT",
"description": "Information about pending changes, if any, that aren't reflected in the Enforced Realized Status.",
"readonly": true,
"title": "Pending Changes Info"
}
},
"title": "NSX-T Enforced Realized Status Details",
"type": "object"
}
EnforcedStatusInfoNsxT (type)
{
"additionalProperties": false,
"description": "Information about the realized status of the intent object on an NSX-T type of enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info. In addition to the realized status across all scopes, this information holds details about enforced realized status per scope.",
"id": "EnforcedStatusInfoNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status": {
"$ref": "EnforcedStatusNsxT",
"description": "Consolidated Realized Status of an Intent object across all scopes of an NSX-T type of enforcement point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforced_status_per_scope": {
"description": "List of Enforced Realized Status per Scope.",
"items": {
"$ref": "EnforcedStatusPerScopeNsxT"
},
"readonly": true,
"title": "List of Enforced Realized Status per Scope",
"type": "array"
}
},
"title": "NSX-T Enforced Realized Status Information",
"type": "object"
}
EnforcedStatusNsxT (type)
{
"additionalProperties": false,
"description": "NSX-T Enforced Status.",
"id": "EnforcedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"status": {
"$ref": "RuntimeState",
"description": "Enforced Realized Status.",
"readonly": true,
"title": "Enforced Realized Status"
},
"status_message": {
"description": "Status Message conveying hints depending on the status value.",
"readonly": true,
"title": "Status Message",
"type": "string"
}
},
"title": "NSX-T Enforced Status",
"type": "object"
}
EnforcedStatusPerScopeNsxT (type)
{
"abstract": true,
"additionalProperties": false,
"description": "NSX-T Detailed Realized Status Per Scope.",
"id": "EnforcedStatusPerScopeNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Enforced Realized Status Per Scope Resource Type.",
"enum": [
"TransportNodeSpanEnforcedStatus"
],
"readonly": true,
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "NSX-T Enforced Realized Status Per Scope",
"type": "object"
}
EnforcedStatusPerTransportNode (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status Per Transport Node.",
"id": "EnforcedStatusPerTransportNode",
"module_id": "PolicyRealizationStatus",
"properties": {
"display_name": {
"description": "Display name of the transport node.",
"readonly": true,
"title": "Transport Node Display Name",
"type": "string"
},
"enforced_status": {
"$ref": "EnforcedStatusNsxT",
"description": "Realized Status of an Intent object on this Transport Node.",
"readonly": true,
"title": "Enforced Realized Status"
},
"nsx_id": {
"description": "UUID identifying uniquely the Transport Node.",
"readonly": true,
"title": "Transport Node Identifier",
"type": "string"
},
"path": {
"description": "Policy Path referencing the transport node.",
"readonly": true,
"title": "Transport Node Path",
"type": "string"
}
},
"title": "Enforced Realized Status Per Transport Node",
"type": "object"
}
EnforcementDnsForwarderStatistics (type)
{
"additionalProperties": false,
"id": "EnforcementDnsForwarderStatistics",
"module_id": "PolicyVpcStatistics",
"properties": {
"conditional_forwarder_statistics": {
"items": {
"$ref": "ConditionalForwarderStatistics"
},
"readonly": true,
"required": false,
"title": "Statistics for DNS Forwarder Enforcement.",
"type": "array"
},
"enforcement_point_path": {
"required": true,
"title": "The path of enforcement_point",
"type": "string"
},
"queries_answered_locally": {
"required": false,
"title": "The number of queries answered locally",
"type": "integer"
},
"resource_type": {
"required": true,
"title": "The resource type",
"type": "string"
}
},
"type": "object"
}
EnforcementPoint (type)
{
"additionalProperties": false,
"description": "Enforcement point is the endpoint where policy configurations are applied.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildClusterControlPlane",
"ChildHostTransportNode",
"ChildHostTransportNodeCollection",
"ChildPolicyEdgeCluster",
"ChildPolicyEdgeHighAvailabilityProfile",
"ChildPolicyEdgeTransportNode",
"ChildPolicyFailureDomain",
"ChildPolicyTransportZone",
"ChildSubCluster"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_enforce": {
"default": true,
"description": "Auto enforce flag suggests whether the policy objects shall be automatically enforced on this enforcement point or not. When this flag is set to true, all policy objects will be automatically enforced on this enforcement point. If this flag is set to false, user shall rely on the usual means of realization, i.e., deployment maps.",
"title": "Auto Enforce Flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"$ref": "EnforcementPointConnectionInfo",
"description": "Connection Info of the Enforcement Point.",
"required": true,
"title": "Enforcement Point Connection Info"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Version of the Enforcement point.",
"readonly": true,
"title": "Enforcement point Version",
"type": "string"
}
},
"title": "Enforcement Point",
"type": "object"
}
EnforcementPointConnectionInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Contains information required to connect to enforcement point.",
"id": "EnforcementPointConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
}
},
"title": "Enforcement Point Connection Info",
"type": "object"
}
EnforcementPointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Enforcement point list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "EnforcementPointListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Enforcement Point List Request Parameters",
"type": "object"
}
EnforcementPointListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of enforcement points.",
"extends": {
"$ref": "ListResult"
},
"id": "EnforcementPointListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Enforcement Point list Results.",
"items": {
"$ref": "EnforcementPoint"
},
"required": true,
"title": "Enforcement Point List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of EnforcementPoints",
"type": "object"
}
EnforcementPointPathQueryParameter (type)
{
"description": "The path of the enforcement point from which the data needs to be fetched.",
"id": "EnforcementPointPathQueryParameter",
"module_id": "PolicyIDSMetrics",
"nsx_feature": "IDPSFederation",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
EnforcementPointRequest (type)
{
"additionalProperties": false,
"id": "EnforcementPointRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on request is to be made.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Enforcement point request entity",
"type": "object"
}
EntityInstanceCountConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level constraint to restrict the number of instances of an entity type that can be created. Lowering the limit on the number of instances of a given type is allowed even in cases where there are instances more than the specified limit already in the system. In this case, creation of new instances of that type will be disallowed unless the number of instances goes below the limit. One of the main usage of this expression is to implement Quotas in the multi-tenancy context. It allows to limit the number of resources which can be created inside a Project or Vpc. It also forbids consumption of specific resource by putting its entity count to 0. Note that, update/delete operations will continue to be allowed on already created instances.",
"extends": {
"$ref": "ConstraintExpression"
},
"id": "EntityInstanceCountConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "EntityInstanceCountConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"count": {
"description": "Instance count.",
"maximum": 1000000,
"minimum": 0,
"required": true,
"title": "Instance count.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"required": true,
"title": "Operations supported '<' and '<='.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_resource_type": {
"description": "Target resource type accepts input as DTO Type or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type SecurityPolicy.Rule.",
"required": false,
"title": "Resource type of the target entity. This needs to be set for all\ncases where the target does not specify the type.\n",
"type": "string"
}
},
"title": "Represents the leaf level constraint to restrict the number instances of type.",
"type": "object"
}
EntityType (type)
{
"enum": [
"MANAGER",
"CONTROLLER",
"POLICY",
"HTTPS",
"CLUSTER_BOOT_MANAGER",
"DATASTORE",
"GLOBAL_MANAGER",
"ASYNC_REPLICATOR",
"MONITORING",
"IDPS_REPORTING",
"CORFU_NONCONFIG"
],
"id": "EntityType",
"module_id": "ClusterBootManager",
"type": "string"
}
EpochMsTimestamp (type)
{
"id": "EpochMsTimestamp",
"module_id": "Common",
"title": "Timestamp in milliseconds since epoch",
"type": "integer"
}
ErrorClass (type)
{
"additionalProperties": false,
"id": "ErrorClass",
"module_id": "Upgrade",
"properties": {
"error_code": {
"description": "Error code for the error/warning",
"readonly": true,
"required": true,
"title": "Error code",
"type": "integer"
},
"error_message": {
"description": "Error/warning message",
"readonly": true,
"required": true,
"title": "Error/warning message",
"type": "string"
}
},
"type": "object"
}
ErrorInfo (type)
{
"additionalProperties": false,
"id": "ErrorInfo",
"module_id": "InventoryCmObj",
"properties": {
"error_code": {
"description": "Error code of the error.",
"readonly": false,
"required": false,
"title": "Error code",
"type": "int"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Error message",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": true,
"title": "Timestamp when the error occurred"
}
},
"title": "Error information",
"type": "object"
}
ErrorResolverInfo (type)
{
"additionalProperties": false,
"description": "Metadata related to a given error_id",
"id": "ErrorResolverInfo",
"module_id": "ErrorResolver",
"properties": {
"error_id": {
"required": true,
"title": "The error id for which metadata information is needed",
"type": "integer"
},
"resolver_present": {
"required": true,
"title": "Indicates whether there is a resolver associated with the error or not",
"type": "boolean"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata",
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverInfoList (type)
{
"additionalProperties": false,
"id": "ErrorResolverInfoList",
"module_id": "ErrorResolver",
"properties": {
"results": {
"items": {
"$ref": "ErrorResolverInfo"
},
"required": true,
"title": "ErrorResolverInfo list",
"type": "array"
}
},
"title": "Collection of all registered ErrorResolverInfo",
"type": "object"
}
ErrorResolverMetadata (type)
{
"additionalProperties": false,
"description": "Error along with its metadata",
"id": "ErrorResolverMetadata",
"module_id": "ErrorResolver",
"properties": {
"entity_id": {
"required": true,
"title": "The entity/node UUID where the error has occurred.",
"type": "string"
},
"error_id": {
"required": true,
"title": "The error id as reported by the entity where the error occurred.",
"type": "integer"
},
"system_metadata": {
"$ref": "ErrorResolverSystemMetadata",
"required": false,
"title": "This can come from some external system like syslog collector"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata",
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverMetadataList (type)
{
"additionalProperties": false,
"description": "List of errors with their metadata",
"id": "ErrorResolverMetadataList",
"module_id": "ErrorResolver",
"properties": {
"errors": {
"items": {
"$ref": "ErrorResolverMetadata"
},
"required": true,
"title": "List of errors with their corresponding metadata.",
"type": "array"
}
},
"type": "object"
}
ErrorResolverSystemMetadata (type)
{
"additionalProperties": false,
"description": "Metadata fetched from an external system like Syslog or LogInsight.",
"id": "ErrorResolverSystemMetadata",
"module_id": "ErrorResolver",
"properties": {
"value": {
"required": false,
"title": "The value fetched from another system",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserInputData (type)
{
"additionalProperties": false,
"description": "Corresponds to one property entered by the user",
"id": "ErrorResolverUserInputData",
"module_id": "ErrorResolver",
"properties": {
"data_type": {
"enum": [
"TEXT",
"NUMBER",
"PASSWORD"
],
"required": true,
"title": "The datatype of the given property. Useful for data validation",
"type": "string"
},
"property_name": {
"required": true,
"title": "Name of the property supplied by the user",
"type": "string"
},
"property_value": {
"required": false,
"title": "The value associated with the above property",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserMetadata (type)
{
"additionalProperties": false,
"description": "User supplied metadata needed for resolving errors",
"id": "ErrorResolverUserMetadata",
"module_id": "ErrorResolver",
"properties": {
"user_input_list": {
"items": {
"$ref": "ErrorResolverUserInputData"
},
"required": false,
"title": "List of user supplied input data.",
"type": "array"
}
},
"type": "object"
}
EsgToRouterMappingOptionSpec (type)
{
"additionalProperties": false,
"description": "Spec for NSX-V ESG to NSX-T Router mapping option.",
"id": "EsgToRouterMappingOptionSpec",
"module_id": "Migration",
"properties": {
"mapping_option": {
"description": "Mapping option can be - - UI - FILE_UPLOAD - NO_MAPPING",
"enum": [
"UI",
"FILE_UPLOAD",
"NO_MAPPING"
],
"readonly": false,
"required": true,
"title": "Mapping option",
"type": "string"
}
},
"title": "Spec for NSX-V ESG to NSX-T Router mapping option",
"type": "object"
}
EsxGlobalOpaqueConfig (type)
{
"extends": {
"$ref": "GlobalConfigs"
},
"id": "EsxGlobalOpaqueConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "EsxGlobalOpaqueConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"opaque_config": {
"items": {
"$ref": "KeyValuePair"
},
"required": true,
"title": "A list of global opaque configuration for ESX hosts.",
"type": "array"
},
"resource_type": {
"$ref": "GlobalConfigType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "ESX global opaque configuration",
"type": "object"
}
EtherTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement"
},
"id": "EtherTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "EtherTypeNSService"
},
"properties": {
"ether_type": {
"required": true,
"title": "Type of the encapsulated protocol",
"type": "integer"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "An NSService element that represents an ethertype protocol",
"type": "object"
}
EtherTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry"
},
"id": "EtherTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "EtherTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ether_type": {
"required": true,
"title": "Type of the encapsulated protocol",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an ethertype protocol",
"type": "object"
}
EthernetHeader (type)
{
"additionalProperties": false,
"id": "EthernetHeader",
"module_id": "Traceflow",
"properties": {
"dst_mac": {
"description": "The destination MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Destination MAC address of the Ethernet header",
"type": "string"
},
"eth_type": {
"default": 2048,
"description": "This field defaults to IPv4.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "The value of the type field to be put into the Ethernet header",
"type": "integer"
},
"src_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Source MAC address of the Ethernet header",
"type": "string"
}
},
"type": "object"
}
Evaluation (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Criterion Evaluation is the basic logical condition to evaluate whether the event could be potentially met.",
"id": "Evaluation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Criterion Evaluation resource type.",
"enum": [
"SourceFieldEvaluation"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Criterion Evaluation",
"type": "object"
}
Event (type)
{
"additionalProperties": false,
"description": "The Event is the criterion or criteria applied to the source and, when met, prompt Policy to run the action. All Reaction Events are constructed with reference to the object, the \"source\", that is logically deemed to be the object upon which the Event in question initially occurred upon. Some example events include: - New object was created. - Change in realization state. - Specific API is called.",
"id": "Event",
"module_id": "PolicyReaction",
"properties": {
"criteria": {
"description": "Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR).",
"items": {
"$ref": "Criterion"
},
"title": "Event Criteria",
"type": "array"
},
"source": {
"$ref": "Source",
"description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon.",
"required": true,
"title": "Event Source"
}
},
"title": "Reaction Event",
"type": "object"
}
EventListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "EventListResult",
"module_id": "Monitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MonitoringEvent"
},
"readonly": true,
"title": "List of events defined",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EvpnConfig (type)
{
"additionalProperties": false,
"description": "Evpn Configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EvpnConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "EvpnConfigAdvancedConfig",
"description": "Advanced configuration for evpn config.",
"required": false,
"title": "Advanced configuration for evpn config"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_method": {
"$ref": "EvpnEncapConfig",
"description": "Encapsulation method for EVPN service that is used by the transport layer.",
"required": false,
"title": "Encapsulation method for EVPN."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mode": {
"default": "DISABLE",
"description": "In INLINE mode, edge nodes participate both in the BGP EVPN control plane route exchange and in data path tunneling between edge nodes and data center gateways. In ROUTE_SERVER mode, edge nodes participate in the BGP EVPN control plane route exchanges only and do not participate in the data forwarding, i.e., the data path tunnels are directly established between the hypervisors and the data center gateways. DISABLE mode disables EVPN service capability.",
"enum": [
"INLINE",
"ROUTE_SERVER",
"DISABLE"
],
"required": false,
"title": "EVPN service mode",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Configuration",
"type": "object"
}
EvpnConfigAdvancedConfig (type)
{
"additionalProperties": false,
"description": "NSX specific configuration for evpn config",
"id": "EvpnConfigAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {},
"title": "Advanced configuration for evpn config",
"type": "object"
}
EvpnEncapConfig (type)
{
"additionalProperties": false,
"description": "Encapsulation method for EVPN.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EvpnEncapConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evpn_tenant_config_path": {
"required": false,
"title": "EVPN tenant config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_TENANT_CONFIG_RELATIONSHIP",
"rightType": [
"EvpnTenantConfig"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"required": false,
"title": "vni pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": [
"VniPoolConfig"
]
}
]
}
},
"title": "Encapsulation method for EVPN",
"type": "object"
}
EvpnTenantConfig (type)
{
"additionalProperties": false,
"description": "This resource is relevant only when Evpn Service is configured in ROUTE-SERVER mode. The resource defines Vlans to VNIs mappings used by Evpn tenant VMs for overlay VXLAN transmission when attached to vRouter. The resource contains overlay transport_zone_path and vni_pool_path to orchestrate creation of child Logical-Switches.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EvpnTenantConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mappings": {
"description": "This property specifies a mapping spec of incoming Evpn tenant vlan-ids to VXLAN VNIs used for overlay transmission to Physical-Gateways used by vRouters.",
"items": {
"$ref": "VlanVniRangePair"
},
"maxItems": 2000,
"minItems": 1,
"required": true,
"title": "VLANs to VNIs mapping spec",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to transport zone. Only overlay transport zone is supported.",
"required": true,
"title": "Policy path to the transport zone",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_TZ_CONFIG_RELATIONSHIP",
"rightType": []
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"description": "Policy path to the vni pool used for Evpn in ROUTE-SERVER mode.",
"required": true,
"title": "Policy path to the vni pool",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Evpn Tenant Configuration for Evpn in ROUTE-SERVER mode.",
"type": "object"
}
EvpnTenantConfigListRequestParameters (type)
{
"additionalProperties": false,
"description": "Evpn Tenant Config list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "EvpnTenantConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Evpn Tenant Config list request parameters",
"type": "object"
}
EvpnTenantConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of Evpn Tenant Configuration.",
"extends": {
"$ref": "ListResult"
},
"id": "EvpnTenantConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Evpn Tenant Config list results",
"items": {
"$ref": "EvpnTenantConfig"
},
"required": true,
"title": "Evpn Tenant Config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Evpn Tenant Configuration",
"type": "object"
}
EvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Evpn Tunnel Endpoint Configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "EvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_path": {
"required": true,
"title": "edge path",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_addresses": {
"items": {
"$ref": "IPv4Address"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "local addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"maximum": 9100,
"minimum": 64,
"required": false,
"title": "MTU",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Tunnel Endpoint Configuration",
"type": "object"
}
EvpnTunnelEndpointConfigListRequestParameters (type)
{
"additionalProperties": false,
"description": "Evpn Tunnel Endpoint Config list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "EvpnTunnelEndpointConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Evpn Tunnel Endpoint Config list request parameters",
"type": "object"
}
EvpnTunnelEndpointConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of Evpn Tunnel Endpoint Configuration.",
"extends": {
"$ref": "ListResult"
},
"id": "EvpnTunnelEndpointConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Evpn Tunnel Endpoint Configuration list results",
"items": {
"$ref": "EvpnTunnelEndpointConfig"
},
"required": true,
"title": "Evpn Tunnel Endpoint Configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Evpn Tunnel Endpoint Configuration",
"type": "object"
}
ExcludeList (type)
{
"description": "List of entities where Distributed Firewall will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es) to exclude Distributed Firewall enforcement.",
"extends": {
"$ref": "DSExcludeList"
},
"id": "ExcludeList",
"module_id": "ExcludeList",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"description": "Total number of members present in Exclude List.",
"readonly": true,
"required": false,
"title": "Total Member Count",
"type": "integer"
},
"members": {
"description": "List of members in Exclusion List",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "Member list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Exclusion List",
"type": "object"
}
ExcludeListRequestParams (type)
{
"id": "ExcludeListRequestParams",
"module_id": "ExcludeList",
"properties": {
"deep_check": {
"default": false,
"description": "Deep check all parents of requested object_id if any of them is in exclude list. If found, makes requested entity as excluded.",
"required": false,
"title": "Check all parents",
"type": "boolean"
},
"object_id": {
"maxLength": 64,
"required": true,
"title": "identifier of the object",
"type": "string"
},
"object_type": {
"$ref": "ExcludeMemberType",
"description": "Used if requested for deep_check. Type allows ability to find its association and parent entities.",
"required": false,
"title": "Type of the object"
}
},
"title": "Parameters for filtering the exclude list",
"type": "object"
}
ExcludeMemberType (type)
{
"description": "Enum of supported excluded member types.",
"enum": [
"NSGroup",
"LogicalPort",
"LogicalSwitch"
],
"id": "ExcludeMemberType",
"module_id": "ExcludeList",
"readonly": true,
"required": false,
"title": "Object type of an entity",
"type": "string"
}
ExcludedMembersList (type)
{
"additionalProperties": false,
"description": "Represents the list of members that need to be excluded",
"id": "ExcludedMembersList",
"module_id": "Policy",
"properties": {
"ip_address_expression": {
"$ref": "IPAddressExpression",
"required": false,
"title": "IP addresses which need to be excluded"
},
"path_expression": {
"$ref": "PathExpression",
"description": "Paths can be only IP address based groups. Upto 50 paths are allowed.",
"required": false,
"title": "Paths which need to be excluded."
}
},
"title": "Represents the list of members that need to be excluded",
"type": "object"
}
ExportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke export task.",
"id": "ExportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_path": {
"description": "Policy path of a draft which is to be exported. If not provided, current firewall configuration will then be exported.",
"required": false,
"title": "Policy path of draft",
"type": "string"
},
"passphrase": {
"description": "Passphrase to sign exported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"required": true,
"sensitive": true,
"title": "Passphrase to sign exported files",
"type": "secure_string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Export task request parameters",
"type": "object"
}
ExportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the export task.",
"extends": {
"$ref": "PolicyTask"
},
"id": "ExportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft if this is an export task to export draft configuration.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"exported_file": {
"description": "Name of the exported file generated after completion of export task.",
"readonly": true,
"title": "Name of the exported file",
"type": "string"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus",
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Export task information",
"type": "object"
}
Expression (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the nodes of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "Expression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each node of the expression",
"type": "object"
}
ExtendDvpgWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Extend DVPG workflow spec.",
"extends": {
"$ref": "WorkflowSpec"
},
"id": "ExtendDvpgWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "ExtendDvpgWorkflowSpec"
},
"properties": {
"bridge_profile_path": {
"description": "Policy path to L2 Bridge profile. Same bridge profile can be configured on different segments. Each bridge profile on a segment must be unique. It is required if bridge mode is chosen as EDGE_BRIDGE.",
"readonly": false,
"required": false,
"title": "Policy path to L2 Bridge profile",
"type": "string"
},
"bridging_mode": {
"$ref": "BridgingMode",
"default": "EDGE_BRIDGE",
"description": "Bridging mode.",
"readonly": false,
"required": false,
"title": "Bridging mode"
},
"dhcpv4_server_ips": {
"description": "IPs of DHCPv4 servers used by VMs connected to the DVPG in the subnet.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of DHCPv4 server IP addresses",
"type": "array"
},
"dhcpv6_server_ips": {
"description": "IPs of DHCPv6 servers used by VMs connected to the DVPG in the subnet.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of DHCPv6 server IP addresses",
"type": "array"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"ip_subnets": {
"$ref": "SegmentIpSubnets",
"description": "A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged.",
"readonly": false,
"required": true,
"title": "A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged"
},
"overlay_transport_zone_path": {
"description": "The path of overlay transport zone in which the segment will be auto created. The default overlay-TZ will be used if it is not provided.",
"readonly": false,
"required": false,
"title": "Overlay transport zone path",
"type": "string"
},
"project_id": {
"description": "Project ID.",
"readonly": false,
"required": false,
"title": "Project ID",
"type": "string"
},
"segment_name_for_auto_creation": {
"description": "The segment name with which to auto create a segment for bridging the DVPG. Do not set this property if an existing segment will be used to bridge the DVPG. Only one of this property or the \"segment_path\" property must be set.",
"readonly": false,
"required": false,
"title": "Segment name for auto creation",
"type": "string"
},
"segment_path": {
"description": "The path of an existing segment to bridge the DVPG. Do not set this property if a new segment will be created to bridge the DVPG. Only one of this property or the \"segment_name_for_auto_creation\" property must be set.",
"readonly": false,
"required": false,
"title": "Existing segment path to bridge DVPG",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType",
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
},
"uplink_teaming_policy_name": {
"description": "The name of switching uplink teaming policy for bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property \"vlan_transport_zone_path\".",
"readonly": false,
"required": false,
"title": "Uplink teaming policy name",
"type": "string"
},
"vlan_transport_zone_path": {
"description": "The path of VLAN transport zone that represents the underlay L2 domain in which the DVPGs will be bridged to overlay segments. An unique VLAN transport zone should be assigned to each underlay L2 domain when needed for bridging. If two VLANs in two underlay L2 domains are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 domains still should have two different VLAN transport zones assigned to them. If it is not given when the 'bridging_mode' is EDGE_BRIDGE, the VLAN transport zone path in the config spec of the edge node(s) in the bridge profile of 'bridge_profile_path' will be used, or an error will be thrown if a unique VLAN transport zone path cannot be found in the spec of the edge node(s).",
"readonly": false,
"required": false,
"title": "VLAN transport zone path",
"type": "string"
}
},
"title": "Extend DVPG workflow spec",
"type": "object"
}
ExtendedSolutionConfig (type)
{
"description": "Extended Solution Config would contain Vendor specific information required for NXGI partner Service VM.",
"extends": {
"$ref": "ManagedResource"
},
"id": "ExtendedSolutionConfig",
"module_id": "Nxgi",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner which needs to be passed to host.",
"items": {
"$ref": "Attribute"
},
"maxItems": 128,
"title": "Servcie attributes",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_id": {
"description": "The service to which the solution config belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Extended Solution Configuration Info",
"type": "object"
}
ExternalAddressBinding (type)
{
"additionalProperties": false,
"id": "ExternalAddressBinding",
"module_id": "PolicyVpcSubnet",
"properties": {
"allocated_external_ip_path": {
"description": "Path of the allocated IP address for using specific external_ip_address.",
"required": false,
"title": "Allocated external IP path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentPort"
],
"relationshipType": "VPC_SUBNET_PORT_IP_ADDRESS_ALLOCATION_RELATIONSHIP",
"rightType": [
"VpcIpAddressAllocation"
]
}
]
},
"external_ip_address": {
"$ref": "IPAddress",
"description": "External IP from external IP block. if not specified system will reserved IP external IP block.",
"readonly": true,
"required": false,
"title": "External IP address"
}
},
"title": "External Address Binding",
"type": "object"
}
ExternalGatewayBfdConfig (type)
{
"additionalProperties": false,
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"id": "ExternalGatewayBfdConfig",
"module_id": "Policy",
"properties": {
"bfd_profile_path": {
"title": "Policy path to Bfd Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GlobalConfig"
],
"relationshipType": "BFD_CONFIG_GLOBAL_CONFIG_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"enable": {
"default": true,
"description": "Flag to enable BFD session.",
"title": "Enable BFD session",
"type": "boolean"
}
},
"title": "External Bidirectional Flow Detection configuration",
"type": "object"
}
ExternalIDExpression (type)
{
"additionalProperties": false,
"description": "Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces, virtual machines, CloudNativeServiceInstance BareMetalServer, BareMetalServerInterface to a group.",
"extends": {
"$ref": "Expression"
},
"id": "ExternalIDExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ExternalIDExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_ids": {
"description": "This array can consist of one or more external IDs for the specified member type.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Array of external IDs for the specified member type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"CloudNativeServiceInstance",
"BareMetalServer",
"BareMetalServerInterface"
],
"required": true,
"title": "External ID member type",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "External ID expression node",
"type": "object"
}
ExtraConfig (type) (Deprecated)
{
"deprecated": true,
"description": "Extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either logical switch or logical port. If it was set on logical switch, it will be inherited automatically by logical ports in it. Also logical port setting will override logical switch setting if specific key was dual set on both logical switch and logical port.",
"id": "ExtraConfig",
"module_id": "Switching",
"properties": {
"config_pair": {
"$ref": "UnboundedKeyValuePair",
"required": true,
"title": "Key value pair in string for the configuration"
}
},
"title": "Vendor specific configuration on logical switch or logical port",
"type": "object"
}
ExtraConfigHostSwitchProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseHostSwitchProfile"
},
"id": "ExtraConfigHostSwitchProfile",
"module_id": "ExtraConfigHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ExtraConfigHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"items": {
"$ref": "ExtraConfig"
},
"required": false,
"title": "list of extra configs",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for extra configs in host switch",
"type": "object"
}
FIPSGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"id": "FIPSGlobalConfig",
"module_id": "Policy",
"properties": {
"lb_fips_enabled": {
"default": true,
"deprecated": true,
"description": "This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.",
"readonly": true,
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.",
"type": "boolean"
},
"tls_fips_enabled": {
"default": false,
"description": "When this flag is set to true FIPS mode will be set on ssl encryptions of TLS inspection feature.",
"readonly": true,
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of TLS inspection feature.",
"type": "boolean"
}
},
"title": "Global configuration",
"type": "object"
}
FabricHostNode (type)
{
"additionalProperties": false,
"id": "FabricHostNode",
"module_id": "PolicyHostTransportNode",
"properties": {
"compute_collection_id": {
"description": "Id of the compute collection to which discovered node belongs.",
"readonly": true,
"required": false,
"title": "Compute collection id",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress"
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the transport node, version 4 or 6",
"type": "array"
},
"discovered_node_id": {
"description": "Id of discovered node which was converted to create this node.",
"readonly": true,
"required": false,
"title": "Discovered node id",
"type": "string"
},
"dpu": {
"description": "Specifies details of data processing units (DPU) present on ESXi Host.",
"items": {
"$ref": "DpuInfo"
},
"readonly": true,
"required": false,
"title": "List of DPU information",
"type": "array"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the transport node",
"type": "string"
},
"host_credential": {
"$ref": "HostNodeLoginCredential",
"description": "Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node.",
"required": false,
"title": "Host login credentials"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6.",
"items": {
"$ref": "IPAddress"
},
"required": true,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"maintenance_mode_state": {
"description": "Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress.",
"enum": [
"OFF",
"ENTERING",
"ON"
],
"readonly": true,
"required": false,
"title": "Maintenance mode state",
"type": "string"
},
"managed_by_server": {
"description": "The id of the vCenter server managing the ESXi type HostNode",
"readonly": true,
"required": false,
"title": "Id of vCenter server managing the HostNode",
"type": "string"
},
"os_type": {
"description": "Hypervisor type, for example ESXi or RHEL KVM",
"enum": [
"ESXI",
"RHELKVM",
"RHELSERVER",
"WINDOWSSERVER",
"RHELCONTAINER",
"UBUNTUKVM",
"UBUNTUSERVER",
"HYPERV",
"CENTOSKVM",
"CENTOSSERVER",
"CENTOSCONTAINER",
"SLESKVM",
"SLESSERVER",
"OELSERVER"
],
"required": true,
"title": "Hypervisor OS type",
"type": "string"
},
"os_version": {
"description": "Version of the hypervisor operating system",
"required": false,
"title": "Hypervisor OS version",
"type": "string"
},
"windows_install_location": {
"description": "Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\\Program Files\\VMware\\NSX\\.",
"required": false,
"title": "Install location of Windows Server on baremetal being managed by NSX",
"type": "string"
}
},
"type": "object"
}
FailedNodeSupportBundleResult (type)
{
"additionalProperties": false,
"id": "FailedNodeSupportBundleResult",
"properties": {
"error_code": {
"readonly": true,
"required": true,
"title": "Error code",
"type": "string"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Error message",
"type": "string"
},
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"node_ip": {
"readonly": true,
"required": true,
"title": "IPv4 address of node",
"type": "string"
},
"node_ipv6": {
"readonly": true,
"required": true,
"title": "IPv6 address of node",
"type": "string"
}
},
"type": "object"
}
FailedOrWarningConfig (type)
{
"additionalProperties": false,
"id": "FailedOrWarningConfig",
"properties": {
"controller": {
"title": "Controller Connection State",
"type": "string"
},
"core": {
"items": {
"type": "string"
},
"title": "Core Names",
"type": "array"
},
"dataplane": {
"title": "Dataplane State",
"type": "string"
},
"edge-agent": {
"title": "Edge Agent State",
"type": "string"
},
"manager": {
"title": "Manager Connection State",
"type": "string"
},
"nestdb": {
"title": "NestDB State",
"type": "string"
},
"nsd": {
"title": "Nsd State",
"type": "string"
},
"nsxa-edge-cluster": {
"title": "Edge Cluster State",
"type": "string"
},
"nsxa-lrouter": {
"title": "Logical Router State",
"type": "string"
},
"nsxa-service-router": {
"title": "Service Router State",
"type": "string"
},
"nsxa-state": {
"title": "NSXA State",
"type": "string"
}
},
"title": "Failed or Warning Config",
"type": "object"
}
FailureDomain (type)
{
"additionalProperties": false,
"description": "Failure Domain is engineered to be isolated from failures in other failure domains, and to provide inexpensive, low-latency network connectivity to other failure domains in the same region. We support failure domain only on edge transport node. Like you can consider one rack as one failure domain and place active-standby contexts like logical router, DHCP and MDProxy in two different failure domains (racks). So failure of a single rack (FD) does not impact any services and other rack (FD) will continue to handle traffic. Initially system creates one default failure domain. For any edge transport node, if failure domains is not given, it will be mapped to default system generated failure domain. You can't update preferred_active_edge_services flag for system generated default failure domain. It will be unset which means that failure domain can be used for both active and standby allocation.",
"extends": {
"$ref": "ManagedResource"
},
"id": "FailureDomain",
"module_id": "FailureDomain",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"preferred_active_edge_services": {
"description": "Set preference for edge transport node failure domain which will be considered while doing auto placement of logical router, DHCP and MDProxy on edge node. true: For preemptive failover mode, active edge cluster member allocation preferes this failure domain. false: For preemptive failover mode, standby edge cluster member allocation preferes this failure domain. Default will be unset. It means no explicit preference.",
"required": false,
"title": "Set preference for failure domain",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Failure Domain for edge transport node",
"type": "object"
}
FailureDomainListResult (type)
{
"additionalProperties": false,
"description": "It will have list of failure domains which also includes system generated failure domain.",
"extends": {
"$ref": "ListResult"
},
"id": "FailureDomainListResult",
"module_id": "FailureDomain",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of all failure domains including system generated default failure domain",
"items": {
"$ref": "FailureDomain"
},
"required": true,
"title": "Failure Domain Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Failure Domain queries result",
"type": "object"
}
FastPathLcoreUsageStats (type)
{
"id": "FastPathLcoreUsageStats",
"module_id": "ObservabilityCounters",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
},
"lcore_rank_01_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 1.",
"required": false,
"type": "int"
},
"lcore_rank_01_lcore_usage": {
"description": "Rank 1 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_02_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 2.",
"required": false,
"type": "int"
},
"lcore_rank_02_lcore_usage": {
"description": "Rank 2 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_03_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 3.",
"required": false,
"type": "int"
},
"lcore_rank_03_lcore_usage": {
"description": "Rank 3 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_04_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 4.",
"required": false,
"type": "int"
},
"lcore_rank_04_lcore_usage": {
"description": "Rank 4 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_05_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 5.",
"required": false,
"type": "int"
},
"lcore_rank_05_lcore_usage": {
"description": "Rank 5 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_06_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 6.",
"required": false,
"type": "int"
},
"lcore_rank_06_lcore_usage": {
"description": "Rank 6 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_07_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 7.",
"required": false,
"type": "int"
},
"lcore_rank_07_lcore_usage": {
"description": "Rank 7 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_08_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 8.",
"required": false,
"type": "int"
},
"lcore_rank_08_lcore_usage": {
"description": "Rank 8 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_09_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 9.",
"required": false,
"type": "int"
},
"lcore_rank_09_lcore_usage": {
"description": "Rank 9 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_10_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 10.",
"required": false,
"type": "int"
},
"lcore_rank_10_lcore_usage": {
"description": "Rank 10 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_11_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 11.",
"required": false,
"type": "int"
},
"lcore_rank_11_lcore_usage": {
"description": "Rank 11 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_12_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 12.",
"required": false,
"type": "int"
},
"lcore_rank_12_lcore_usage": {
"description": "Rank 12 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_13_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 13.",
"required": false,
"type": "int"
},
"lcore_rank_13_lcore_usage": {
"description": "Rank 13 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_14_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 14.",
"required": false,
"type": "int"
},
"lcore_rank_14_lcore_usage": {
"description": "Rank 14 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_15_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 15.",
"required": false,
"type": "int"
},
"lcore_rank_15_lcore_usage": {
"description": "Rank 15 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_16_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 16.",
"required": false,
"type": "int"
},
"lcore_rank_16_lcore_usage": {
"description": "Rank 16 Lcore usage.",
"required": false,
"type": "number"
},
"number_of_lcores": {
"description": "number of valid lcores",
"required": false,
"type": "int"
}
},
"type": "object"
}
FastPathStats (type)
{
"id": "FastPathStats",
"module_id": "ObservabilityCounters",
"properties": {
"flow_table_occupancy_0_pct": {
"description": "The number of flow tables in which up to 25% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_25_pct": {
"description": "The number of flow tables in which 25-50% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_50_pct": {
"description": "The number of flow tables in which 50-75% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_75_pct": {
"description": "The number of flow tables in which 75-90% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_90_pct": {
"description": "The number of flow tables in which 90-95% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_95_pct": {
"description": "The number of flow tables in which 95% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_size": {
"description": "The number of flow table entries in a flow table.",
"required": false,
"type": "int"
},
"hits": {
"description": "Number of flow hits.",
"required": false,
"type": "integer"
},
"insertion_errors": {
"description": "The number of flow insertion failures.",
"required": false,
"type": "integer"
},
"miss": {
"description": "Packets that are processed by slowpath because of a flow miss. This has no overlap with the slowpath counters.",
"required": false,
"type": "integer"
},
"num_flow_tables": {
"description": "Num of flow tables on the host.",
"required": false,
"type": "int"
},
"num_flows": {
"description": "Total number of flows in all flow tables.",
"required": false,
"type": "int"
},
"num_flows_created": {
"description": "Total number of flows created.",
"required": false,
"type": "integer"
},
"slowpath": {
"description": "Packets that are always targeted to be processed by slowpath such as broadcast/multicast packets.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
FastPathSysStats (type)
{
"id": "FastPathSysStats",
"module_id": "ObservabilityCounters",
"properties": {
"host_enhanced_fastpath": {
"$ref": "FastPathStats",
"description": "Fast path stats for enhanced datapath module.",
"required": false
},
"host_standard_fastpath": {
"$ref": "FastPathStats",
"description": "Fast path stats for legacy datapath module.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
}
},
"type": "object"
}
Fastpath (type)
{
"id": "Fastpath",
"module_id": "ObservabilityCounters",
"properties": {
"rx_drops": {
"description": "Count of rx packet drops of ENS Fastpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"rx_drops_sp": {
"description": "Count of rx pkts drops of slowpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"rx_drops_uplink": {
"description": "Count of rx packet drops of ENS Uplink / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"tx_drops": {
"description": "Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic.",
"required": false,
"type": "integer"
},
"tx_drops_sp": {
"description": "Count of tx pkts drops by slowpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"tx_drops_uplink": {
"description": "Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
FeatureFlagGetRequestParam (type)
{
"additionalProperties": false,
"id": "FeatureFlagGetRequestParam",
"module_id": "PolicyFeatureFlags",
"properties": {
"site_path": {
"required": false,
"title": null,
"type": "string"
}
},
"title": "Full site path. If site path is not provided, result for default NSX+ site will be returned",
"type": "object"
}
FeaturePermission (type)
{
"id": "FeaturePermission",
"module_id": "AAA",
"properties": {
"feature": {
"required": true,
"title": "Feature Id",
"type": "string"
},
"feature_description": {
"title": "Feature Description",
"type": "string"
},
"feature_name": {
"title": "Feature Name",
"type": "string"
},
"is_execute_recommended": {
"readonly": true,
"title": "Is execute recommended",
"type": "boolean"
},
"is_internal": {
"readonly": true,
"title": "Is internal",
"type": "boolean"
},
"permission": {
"enum": [
"crud",
"read",
"execute",
"none"
],
"required": true,
"title": "Permission",
"type": "string"
}
},
"title": "Feature Permission",
"type": "object"
}
FeaturePermissionArray (type)
{
"additionalProperties": false,
"id": "FeaturePermissionArray",
"module_id": "AAA",
"properties": {
"feature_permissions": {
"items": {
"$ref": "FeaturePermission"
},
"required": true,
"title": "Array of FeaturePermission",
"type": "array"
}
},
"type": "object"
}
FeaturePermissionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "FeaturePermissionListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FeaturePermission"
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FeatureSet (type)
{
"additionalProperties": false,
"description": "Represents list of features required to view the widget.",
"id": "FeatureSet",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"feature_list": {
"description": "List of features required for to view widget.",
"items": {
"type": "string"
},
"title": "List of features required for to view wdiget",
"type": "array"
},
"require_all_permissions": {
"description": "Flag for specifying if permission to all features is required If set to false, then if there is permission for any of the feature from feature list, widget will be available.",
"title": "Flag for specifying if permission to all features is required",
"type": "boolean"
}
},
"title": "List of features required to view the widget",
"type": "object"
}
FeatureStackCollectionConfiguration (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "FeatureStackCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"client_type_collection_configurations": {
"description": "The set of client type data collection configurations",
"items": {
"$ref": "ClientTypeCollectionConfiguration"
},
"title": "Client type collection configurations",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"feature_stack_name": {
"description": "The name of the feature stack",
"required": true,
"title": "Feature stack name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "HPM feature stack data collection frequency configuration",
"type": "object"
}
FeatureStackCollectionConfigurationList (type)
{
"id": "FeatureStackCollectionConfigurationList",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"results": {
"description": "The complete set of feature stack data collection configurations",
"items": {
"$ref": "FeatureStackCollectionConfiguration"
},
"readonly": true,
"title": "Feature stack configurations",
"type": "array"
}
},
"title": "Feature stack collection configuration list result",
"type": "object"
}
FeatureType (type)
{
"additionalProperties": false,
"description": "features type used on the node.",
"enum": [
"DISTRIBUTED_FIREWALL",
"DISTRIBUTED_IPFIX",
"DISTRIBUTED_INTELLIGENCE",
"DISTRIBUTED_IDPS",
"GATEWAY_IDPS",
"DISTRIBUTED_MPS",
"GATEWAY_MPS",
"GATEWAY_FIREWALL",
"GATEWAY_TLS",
"NETWORK_DETECTION_RESPONSE",
"DISTRIBUTED_BAREMETAL",
"DISTRIBUTED_IPFIX_BAREMETAL",
"DISTRIBUTED_INTELLIGENCE_BAREMETAL"
],
"id": "FeatureType",
"module_id": "SecurityLicenseUsage",
"readonly": true,
"title": "Features type.",
"type": "string"
}
FeatureUsage (type)
{
"description": "feature usage result item",
"extends": {
"$ref": "Resource"
},
"id": "FeatureUsage",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"capacity_usage": {
"items": {
"$ref": "CapacityUsage"
},
"readonly": true,
"required": true,
"title": "Capacity Usage List",
"type": "array"
},
"feature": {
"readonly": true,
"title": "name of the feature",
"type": "string"
}
},
"type": "object"
}
FeatureUsageCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord"
},
"id": "FeatureUsageCsvRecord",
"module_id": "License",
"properties": {
"ccu_usage_count": {
"readonly": true,
"title": "count of number of concurrent users",
"type": "integer"
},
"core_usage_count": {
"readonly": true,
"title": "Number of CPU cores used by this feature",
"type": "integer"
},
"cpu_usage_count": {
"readonly": true,
"title": "count of number of cpu sockets used by this feature",
"type": "integer"
},
"feature": {
"readonly": true,
"title": "name of the feature",
"type": "string"
},
"vcpu_usage_count": {
"readonly": true,
"title": "count of number of vcpus of public cloud VMs",
"type": "integer"
},
"vm_usage_count": {
"readonly": true,
"title": "count of number of vms used by this feature",
"type": "integer"
}
},
"type": "object"
}
FeatureUsageList (type)
{
"description": "list of feature usage items",
"extends": {
"$ref": "Resource"
},
"id": "FeatureUsageList",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"feature_usage_info": {
"items": {
"$ref": "FeatureUsage"
},
"readonly": true,
"required": true,
"title": "Feature Usage List",
"type": "array"
}
},
"type": "object"
}
FeatureUsageListInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult"
},
"id": "FeatureUsageListInCsvFormat",
"module_id": "License",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "FeatureUsageCsvRecord"
},
"required": false,
"type": "array"
}
},
"type": "object"
}
FeatureUsages (type)
{
"additionalProperties": false,
"id": "FeatureUsages",
"module_id": "SecurityLicenseUsage",
"properties": {
"DISTRIBUTED_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed Firewall on Bare Metal feature count.",
"readonly": true,
"title": "Distributed Firewall on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_FIREWALL": {
"default": "UNAVAILABLE",
"description": "Distributed Firewall feature count.",
"readonly": true,
"title": "Distributed Firewall feature count",
"type": "string"
},
"DISTRIBUTED_IDPS": {
"default": "UNAVAILABLE",
"description": "Distributed IDPS feature count.",
"readonly": true,
"title": "Distributed IDPS feature count",
"type": "string"
},
"DISTRIBUTED_INTELLIGENCE": {
"default": "UNAVAILABLE",
"description": "Distributed Intelligence feature count.",
"readonly": true,
"title": "Distributed Intelligence feature count",
"type": "string"
},
"DISTRIBUTED_INTELLIGENCE_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed Intelligence on Bare Metal feature count.",
"readonly": true,
"title": "Distributed Intelligence on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_IPFIX": {
"default": "UNAVAILABLE",
"description": "Distributed IPFIX feature count.",
"readonly": true,
"title": "Distributed IPFIX feature count",
"type": "string"
},
"DISTRIBUTED_IPFIX_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed IPFIX on Bare Metal feature count.",
"readonly": true,
"title": "Distributed IPFIX on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_MPS": {
"default": "UNAVAILABLE",
"description": "Distributed MPS feature count.",
"readonly": true,
"title": "Distributed MPS feature count",
"type": "string"
},
"GATEWAY_FIREWALL": {
"default": "UNAVAILABLE",
"description": "Gateway stateful firewall feature count",
"readonly": true,
"title": "Gateway stateful firewall feature count",
"type": "string"
},
"GATEWAY_IDPS": {
"default": "UNAVAILABLE",
"description": "Gateway IDPS feature count.",
"readonly": true,
"title": "Gateway IDPS feature count",
"type": "string"
},
"GATEWAY_MPS": {
"default": "UNAVAILABLE",
"description": "Gateway MPS feature count",
"readonly": true,
"title": "Gateway MPS feature count",
"type": "string"
},
"GATEWAY_TLS": {
"default": "UNAVAILABLE",
"description": "Gateway TLS feature count.",
"readonly": true,
"title": "Gateway TLS feature count",
"type": "string"
},
"NETWORK_DETECTION_RESPONSE": {
"default": "UNAVAILABLE",
"description": "Network Detection Response feature count.",
"readonly": true,
"title": "Network Detection Response feature count",
"type": "string"
}
},
"type": "object"
}
FederationConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation configuration. This configuration is distributed to all Sites participating in federation.",
"id": "FederationConfig",
"module_id": "PolicySiteGM",
"properties": {
"site_config": {
"items": {
"$ref": "SiteFederationConfig"
},
"readonly": true,
"title": "Federation configurations of all Sites",
"type": "array"
}
},
"title": "Global Manager federation configuration",
"type": "object"
}
FederationConfiguration (type)
{
"additionalProperties": false,
"description": "Federation configuration.",
"id": "FederationConfiguration",
"module_id": "SiteManagerModule",
"properties": {
"epoch": {
"required": true,
"title": "Epoch",
"type": "integer"
},
"id": {
"required": true,
"title": "Federation id",
"type": "string"
},
"sites": {
"items": {
"$ref": "FederationSite"
},
"required": true,
"title": "Sites",
"type": "array"
}
},
"title": "Federation configuration",
"type": "object"
}
FederationConnectivityConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation.",
"id": "FederationConnectivityConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
}
},
"title": "Federation connectivity configuration",
"type": "object"
}
FederationGatewayConfig (type)
{
"additionalProperties": false,
"description": "Additional gateway configuration required for federation",
"extends": {
"$ref": "FederationConnectivityConfig"
},
"id": "FederationGatewayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
},
"inter_site_transit_vlan_id": {
"nsx_feature": "FedVrf",
"readonly": true,
"required": false,
"title": "inter site transit vlan id\n",
"type": "int"
},
"site_allocation_indices": {
"description": "Indicies for cross site allocation for edge cluster and its members referred by gateway.",
"items": {
"$ref": "SiteAllocationIndexForEdge"
},
"readonly": true,
"title": "Indicies for cross site allocation\n",
"type": "array"
},
"transit_segment_id": {
"description": "Global UUID for transit segment id to be used by Layer2 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global id for transit segment",
"type": "string"
}
},
"title": "Federation gateway configuration",
"type": "object"
}
FederationQueueInfo (type)
{
"description": "Provides insights into details of a specific queue in the flows. For example Global Manager to Local Manager flow, there is a queue on the Global Manager for sending and a queue on Local Manager for receiving.",
"id": "FederationQueueInfo",
"module_id": "FederationObservability",
"properties": {
"current_size": {
"read_only": true,
"title": "Number of messages in the queue",
"type": "integer"
},
"max_size": {
"read_only": true,
"title": "Maixmum capacity of the queue",
"type": "integer"
},
"name": {
"read_only": true,
"title": "Queue name",
"type": "string"
},
"namespace": {
"description": "Every persistent queue has name and namespace. For more debugging like dumping queue, namespace is needed.",
"read_only": true,
"title": "Queue namespace",
"type": "string"
},
"type": {
"enum": [
"TRANSMITTER",
"RECEIVER"
],
"read_only": true,
"title": "Queue type - sender or receiver side",
"type": "string"
}
},
"title": "Details about a specific queue in the flow",
"type": "object"
}
FederationSite (type)
{
"additionalProperties": false,
"description": "Site information.",
"id": "FederationSite",
"module_id": "SiteManagerModule",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"required": true,
"title": "Does site have active GM",
"type": "string"
},
"aph_list": {
"items": {
"$ref": "AphInfo"
},
"required": true,
"title": "Aph services in the site",
"type": "array"
},
"cert_hash": {
"required": false,
"title": "Hash of the trustManagerCert",
"type": "string"
},
"cluster_id": {
"required": false,
"title": "Cluster id",
"type": "string"
},
"config_version": {
"required": false,
"title": "Site config version",
"type": "integer"
},
"id": {
"required": true,
"title": "Id of the site",
"type": "string"
},
"is_federated": {
"required": true,
"title": "Is site federated",
"type": "boolean"
},
"is_local": {
"required": true,
"title": "Is site local",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the site",
"type": "string"
},
"node_type": {
"enum": [
"GM",
"LM",
"GM_AND_LM"
],
"required": true,
"title": "Type of node",
"type": "string"
},
"site_version": {
"required": true,
"title": "Version of the site",
"type": "string"
},
"split_brain": {
"required": false,
"title": "Split brain",
"type": "boolean"
},
"system_id": {
"required": true,
"title": "System id",
"type": "integer"
},
"trust_manager_cert": {
"required": false,
"title": "Cert string from trust manager",
"type": "string"
},
"vip_ip": {
"required": false,
"title": "Vip ip",
"type": "string"
}
},
"title": "Site information",
"type": "object"
}
FederationSiteMigrationState (type)
{
"additionalProperties": false,
"id": "FederationSiteMigrationState",
"module_id": "Migration",
"properties": {
"site_migration_state": {
"description": "Key-value pair of federation site-id and its migration-state i.e. 'ENABLED' or 'DISABLED'.",
"items": {
"$ref": "KeyValuePair"
},
"readonly": false,
"required": false,
"title": "Federation site-id and it's migration state map",
"type": "array"
}
},
"type": "object"
}
FederationStatus (type)
{
"id": "FederationStatus",
"module_id": "SiteManagerModule",
"properties": {
"active_standby_sync_statuses": {
"items": {
"$ref": "ActiveStandbySyncStatus"
},
"required": true,
"title": "Status of synchronization between active and standby sites.",
"type": "array"
},
"remote_connections": {
"items": {
"$ref": "SiteStatus"
},
"title": "Site connection status",
"type": "array"
}
},
"type": "object"
}
Feedback (type)
{
"additionalProperties": false,
"description": "Feedback details.",
"id": "Feedback",
"module_id": "OverlayAdoption",
"properties": {
"id": {
"description": "Feedback ID.",
"readonly": true,
"required": false,
"title": "Feedback ID",
"type": "string"
},
"message": {
"description": "Feedback message.",
"readonly": true,
"required": false,
"title": "Feedback message",
"type": "string"
},
"severity": {
"$ref": "ColorCode",
"description": "Feedback severity.",
"readonly": true,
"required": false,
"title": "Feedback severity"
}
},
"title": "Feedback details",
"type": "object"
}
FeedbackListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "FeedbackListRequestParameters",
"module_id": "Migration",
"properties": {
"category": {
"readonly": false,
"required": false,
"title": "Category on which feedback request should be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"hash": {
"readonly": false,
"required": false,
"title": "Hash based on which feedback request should be filtered",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"state": {
"default": "ALL",
"enum": [
"ALL",
"RESOLVED",
"UNRESOLVED"
],
"readonly": false,
"required": false,
"title": "Filter based on current state of the feedback request",
"type": "string"
},
"sub_category": {
"readonly": false,
"required": false,
"title": "Sub category based on which feedback request should be filtered",
"type": "string"
}
},
"type": "object"
}
FeedbackListResult (type)
{
"additionalProperties": false,
"description": "Feedback list.",
"extends": {
"$ref": "ListResult"
},
"id": "FeedbackListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of feedbacks.",
"items": {
"$ref": "Feedback"
},
"readonly": true,
"required": true,
"title": "Paged collection of feedbacks",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Feedback list",
"type": "object"
}
FeedbackResponseRequestParameters (type)
{
"additionalProperties": false,
"id": "FeedbackResponseRequestParameters",
"module_id": "Migration",
"properties": {
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
}
},
"type": "object"
}
FeedbackSummaryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "FeedbackSummaryListRequestParameters",
"module_id": "Migration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FeedbacksRequestParameters (type)
{
"description": "Feedback list request parameters.",
"id": "FeedbacksRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"workflow_resource": {
"$ref": "WorkflowResource",
"description": "Workflow resource.",
"readonly": false,
"required": true,
"title": "Workflow resource"
},
"workflow_type": {
"$ref": "WorkflowType",
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "Feedback list request parameters",
"type": "object"
}
FieldSanityConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the field value constraint to constrain specified field value based on defined sanity checks. Example - For DNS.upstream_servers, all the IP addresses must either be public or private. { \"target\": { \"target_resource_type\": \"DnsForwarderZone\", \"attribute\": \"upstreamServers\", \"path_prefix\": \"/infra/dns-forwarder-zones/\" }, \"constraint_expression\": { \"resource_type\": \"FieldSanityConstraintExpression\", \"operator\": \"OR\", \"checks\": [\"ALL_PUBLIC_IPS\", \"ALL_PRIVATE_IPS\"] } }",
"extends": {
"$ref": "ConstraintExpression"
},
"id": "FieldSanityConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "FieldSanityConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"checks": {
"description": "List of sanity checks.",
"items": {
"enum": [
"ALL_PUBLIC_IPS",
"ALL_PRIVATE_IPS",
"ALL_IPV6_CIDRS",
"ALL_IPV6_IPS",
"ALL_IPV4_CIDRS",
"ALL_IPV4_IPS"
],
"type": "string"
},
"required": true,
"title": "Array of sanity checks to be performed on field value",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "A conditional operator",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the field value sanity constraint",
"type": "object"
}
FieldSetting (type)
{
"additionalProperties": false,
"description": "Field Setting.",
"id": "FieldSetting",
"module_id": "PolicyReaction",
"properties": {
"field_pointer": {
"description": "Field Pointer.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"value": {
"$ref": "FieldSettingValue",
"description": "Value that the field must be set to.",
"required": true,
"title": "Value"
}
},
"title": "FieldSetting",
"type": "object"
}
FieldSettingValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Field Setting Value.",
"id": "FieldSettingValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Field Setting Value",
"type": "object"
}
FieldsFilterData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LiveTraceFilterData"
},
"id": "FieldsFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsFilterData"
},
"properties": {
"ip_info": {
"$ref": "IpInfo",
"deprecated": true,
"description": "This property is deprecated. Please use the property network_info instead.",
"required": false,
"title": "IP address information"
},
"network_info": {
"$ref": "NetworkInfo",
"description": "Network layer information.",
"required": false,
"title": "Network layer information"
},
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
},
"transport_info": {
"$ref": "TransportInfo",
"description": "Transport layer information.",
"required": false,
"title": "Transport layer information"
}
},
"type": "object"
}
FieldsPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData"
},
"id": "FieldsPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsPacketData"
},
"properties": {
"arp_header": {
"$ref": "ArpHeader",
"required": false,
"title": "The ARP header"
},
"eth_header": {
"$ref": "EthernetHeader",
"required": false,
"title": "The ethernet header"
},
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"ip_header": {
"$ref": "Ipv4Header",
"required": false,
"title": "The IPv4 header"
},
"ipv6_header": {
"$ref": "Ipv6Header",
"required": false,
"title": "The IPv6 header"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64-encoded payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"description": "When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate.",
"required": false,
"title": "Awareness of logical routing",
"type": "boolean"
},
"transport_header": {
"$ref": "TransportProtocolHeader",
"description": "This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported).",
"required": false,
"title": "The transport header"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "Transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
FileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "FileProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"created_epoch_ms": {
"required": true,
"title": "File creation time in epoch milliseconds",
"type": "integer"
},
"modified_epoch_ms": {
"required": true,
"title": "File modification time in epoch milliseconds",
"type": "integer"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"path": {
"readonly": true,
"title": "File path",
"type": "string"
},
"size": {
"required": true,
"title": "Size of the file in bytes",
"type": "integer"
}
},
"title": "File properties",
"type": "object"
}
FilePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "FilePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FileProperties"
},
"required": true,
"title": "File property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "File properties query results",
"type": "object"
}
FileThumbprint (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource"
},
"id": "FileThumbprint",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"sha1": {
"deprecated": true,
"deprecation_advice": "Deprecated by EAL4. Please use the sha256 thumbprint instead.",
"required": true,
"title": "File's SHA1 thumbprint",
"type": "string"
},
"sha256": {
"required": true,
"title": "File's SHA256 thumbprint",
"type": "string"
}
},
"title": "File thumbprint",
"type": "object"
}
FileTransferAuthenticationScheme (type)
{
"additionalProperties": false,
"id": "FileTransferAuthenticationScheme",
"module_id": "BackupConfiguration",
"properties": {
"identity_file": {
"sensitive": true,
"title": "SSH private key data",
"type": "secure_string"
},
"password": {
"sensitive": true,
"title": "Password to authenticate with",
"type": "secure_string"
},
"scheme_name": {
"enum": [
"PASSWORD",
"KEY"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\\\\){0,1}\\w[\\w.-]+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"title": "Remote server authentication details",
"type": "object"
}
FileTransferProtocol (type)
{
"additionalProperties": false,
"id": "FileTransferProtocol",
"module_id": "BackupConfiguration",
"properties": {
"authentication_scheme": {
"$ref": "FileTransferAuthenticationScheme",
"required": true,
"title": "Scheme to authenticate if required"
},
"protocol_name": {
"default": "sftp",
"enum": [
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"description": "The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated. Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' | awk '{print \"SHA256:\"$1}'",
"pattern": "^SHA256:.*$",
"required": true,
"title": "SSH fingerprint of server",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.fingerprint_pattern.message"
}
},
"title": "Protocol to transfer backup file to remote server",
"type": "object"
}
FileType (type)
{
"enum": [
"DOCUMENT",
"EXECUTABLE",
"MEDIA",
"ARCHIVE",
"DATA",
"SCRIPT",
"OTHER"
],
"id": "FileType",
"module_id": "PolicyAntiMalware",
"title": "MalwarePrevention File type",
"type": "string"
}
Filter (type)
{
"id": "Filter",
"module_id": "AggSvcL2Types",
"properties": {
"name": {
"required": true,
"title": "The name of the filter.",
"type": "string"
},
"value": {
"required": true,
"title": "The value of the filter.",
"type": "string"
}
},
"type": "object"
}
FilterRequest (type)
{
"additionalProperties": false,
"description": "Filter request parameters",
"id": "FilterRequest",
"module_id": "Search",
"properties": {
"case_sensitive": {
"default": true,
"description": "Set this flag to true to make filtering case-sensitive.",
"required": false,
"title": "Flag to indicate whether filtering is case-sensitive or not",
"type": "boolean"
},
"field_names": {
"description": "Comma separated fields to be filtered on",
"required": true,
"title": "Field Names",
"type": "string"
},
"value": {
"description": "Filter value",
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Filter request",
"type": "object"
}
FilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for filter widget. This is abstract representation of filter widget.",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "FilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "FilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Filter widget Configuration",
"type": "object"
}
FipsGlobalConfig (type)
{
"description": "Policy api will overwrite the fipsGlobalConfig set using MP api. Always use https://<policyIp>/policy/api/v1/infra/global-config to update fips configuration.",
"extends": {
"$ref": "GlobalConfigs"
},
"id": "FipsGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "FipsGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lb_fips_enabled": {
"default": true,
"deprecated": true,
"description": "This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.",
"readonly": true,
"title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.",
"type": "boolean"
},
"resource_type": {
"$ref": "GlobalConfigType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for FIPS compliance settings",
"type": "object"
}
FireWallServiceAssociationListResult (type)
{
"extends": {
"$ref": "ServiceAssociationListResult"
},
"id": "FireWallServiceAssociationListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Firewall rule list result with pagination support.",
"items": {
"$ref": "FirewallRule"
},
"readonly": true,
"required": true,
"title": "Firewall rule list result",
"type": "array"
},
"service_type": {
"enum": [
"FireWallServiceAssociationListResult",
"IpfixServiceAssociationListResult"
],
"required": true,
"type": "string"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallCategory (type)
{
"description": "Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.",
"enum": [
"L2DFW",
"L3DFW",
"L3BRIDGEPORTFW",
"L3LOGICALROUTERFW"
],
"id": "FirewallCategory",
"module_id": "Firewall",
"readonly": true,
"required": false,
"title": "Firewall Category",
"type": "string"
}
FirewallConfiguration (type)
{
"additionalProperties": false,
"description": "For Multi-tenancy, only disable_auto_draft field applies, the other fields have no effect.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "FirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To deactivate auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft deactivate flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_macset_optimization_mode_enabled": {
"default": false,
"description": "MACSet optimization is turned on when this flag is set to true. By default it is set to false.",
"title": "Global MACSet Optimization Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Firewall related configurations",
"type": "object"
}
FirewallContextType (type)
{
"description": "Types of firewall contexts.",
"enum": [
"transport_nodes",
"logical_routers",
"bridge_ports"
],
"id": "FirewallContextType",
"module_id": "FirewallStatus",
"title": "Firewall Context Type",
"type": "string"
}
FirewallCpuMemThresholdsProfile (type)
{
"description": "A profile holding CPU and memory threshold configuration.",
"extends": {
"$ref": "BaseFirewallProfile"
},
"id": "FirewallCpuMemThresholdsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallCpuMemThresholdsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cpu_threshold_percentage": {
"default": 90,
"description": "CPU utilization threshold percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"readonly": false,
"required": true,
"title": "CPU utilization threshold percentage",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mem_threshold_percentage": {
"default": 90,
"description": "Heap memory threshold percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Heap memory threshold utilization percentage",
"type": "integer"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Firewall CPU and memory threshold profile",
"type": "object"
}
FirewallDnsProfile (type)
{
"description": "A profile holding DNS configuration which allows firewall to use DNS response packets and manage firewall cache. e.g. TTL used to expire snooped entries from cache.",
"extends": {
"$ref": "BaseFirewallProfile"
},
"id": "FirewallDnsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallDnsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_ttl_config": {
"$ref": "DnsTtlConfig",
"description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.",
"required": false,
"title": "DNS TTL config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Firewall DNS profile",
"type": "object"
}
FirewallFilterByRequestParameters (type)
{
"additionalProperties": false,
"id": "FirewallFilterByRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"enforcement_point_path": {
"description": "Path of the enforcement point from where the result need to be fetched. If not provided, default enforcement point will be considered. It is mandatory parameter on global manager.",
"required": false,
"title": "Path of the enforcement point",
"type": "string"
},
"parent_path": {
"description": "The path of the parent object of entities that are need to be filtered based in the given criteria. Parent path is required for filtering rules of particular policy.",
"required": false,
"title": "Path of the parent object of the entities",
"type": "string"
},
"scope": {
"description": "All those firewall entities, policies/rules, will be returned whose scope value satisfies the given criteria. The value for scope can be, - virtual machine id or - logical router id. Based on the given scope value, the entities will be filtered.",
"required": true,
"title": "Scope filter criteria",
"type": "string"
}
},
"title": "Request parameters for filtering entities based on the given criteria",
"type": "object"
}
FirewallFloodProtectionProfile (type)
{
"description": "A profile holding protection configuration for SYN flood, UDP flood, ICMP flood and other flood attack.",
"extends": {
"$ref": "BaseFirewallProfile"
},
"id": "FirewallFloodProtectionProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rst_spoofing": {
"default": false,
"description": "The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled.",
"readonly": false,
"title": "Flag to indicate RST spoofing is enabled or not",
"type": "boolean"
},
"enable_syncache": {
"default": false,
"description": "The flag to indicate syncache is enabled or not. This option does not apply to EDGE components.",
"readonly": false,
"title": "Flag to indicate syncache is enabled or not",
"type": "boolean"
},
"icmp_active_flow_limit": {
"description": "The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active icmp connections",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nat_active_conn_limit": {
"default": 4294967295,
"description": "The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.",
"maximum": 4294967295,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active NAT connections",
"type": "integer"
},
"other_active_conn_limit": {
"description": "The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of other active connections besides udp, icmp and tcp half open connections",
"type": "integer"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of half open tcp connections",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active udp connections",
"type": "integer"
}
},
"title": "Firewall flood protection profile",
"type": "object"
}
FirewallGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs"
},
"id": "FirewallGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_fastpath_mode_enabled": {
"default": true,
"deprecated": true,
"description": "This property is deprecated. The fast path mode is always enabled in Distributed Firewall.",
"title": "A flag to indicate if fast path searching is enabled in DFW",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for Distributed Firewall",
"type": "object"
}
FirewallIdentitySearchFilterValue (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FirewallIdentityStoreListRequestParameters"
},
"id": "FirewallIdentitySearchFilterValue",
"module_id": "PolicyIdentity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"filter_value": {
"description": "Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.",
"required": true,
"title": "Name search filter value",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Searching domain entities using a matching filter value",
"type": "object"
}
FirewallIdentityStoreLdapServerTestParameters (type)
{
"id": "FirewallIdentityStoreLdapServerTestParameters",
"module_id": "PolicyIdentity",
"properties": {
"action": {
"description": "Type of LDAP server test to perform.",
"enum": [
"CONNECTIVITY"
],
"required": true,
"title": "LDAP server test requested",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Parameters for performing LDAP server test",
"type": "object"
}
FirewallIdentityStoreListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "FirewallIdentityStoreListRequestParameters",
"module_id": "PolicyIdentity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Firewall identity store list request parameters",
"type": "object"
}
FirewallIdentityStoreSyncRequest (type)
{
"extends": {
"$ref": "PolicyIdfwEnforcementPointRequestParameters"
},
"id": "FirewallIdentityStoreSyncRequest",
"module_id": "PolicyIdentity",
"properties": {
"action": {
"description": "Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time. FULL_SYNC - Perform a full synchronization, where the local state of all AD objects is updated. DELTA_SYNC - Perform a delta synchronization, where local AD objects that have changed since the last synchronization are updated. STOP_SYNC - Stop the synchronization process.",
"enum": [
"FULL_SYNC",
"DELTA_SYNC",
"STOP_SYNC"
],
"required": true,
"title": "Sync type requested",
"type": "string"
},
"delay": {
"default": 0,
"description": "The delay can be added to execute the sync action in the future.",
"minimum": 0,
"required": false,
"title": "Request to execute the sync with some delay in seconds",
"type": "integer"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Firewall identity store synchronization request",
"type": "object"
}
FirewallInsertParameters (type)
{
"extends": {
"$ref": "DSInsertParameters"
},
"id": "FirewallInsertParameters",
"module_id": "Firewall",
"properties": {
"id": {
"maxLength": 64,
"required": false,
"title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.",
"type": "object"
}
FirewallListRequestParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections/rules.",
"extends": {
"$ref": "DSListRequestParameters"
},
"id": "FirewallListRequestParameters",
"module_id": "Firewall",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"context_profiles": {
"description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Context Profiles.",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deep_search": {
"default": false,
"description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.",
"required": false,
"title": "Toggle to search with direct or indirect references.",
"type": "boolean"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"extended_sources": {
"description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Extended Sources.",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_invalid_references": {
"default": false,
"description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).",
"required": false,
"title": "Return invalid references in results.",
"type": "boolean"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
}
},
"title": "Parameters to filter list of sections/rules.",
"type": "object"
}
FirewallProfileListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "FirewallProfileListParameters",
"module_id": "FirewallProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"description": "Profile resource type",
"readonly": false,
"required": true,
"title": "Profile resource type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallProfileListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "FirewallProfileListResult",
"module_id": "FirewallProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of firewall profiles.",
"items": {
"$ref": "BaseFirewallProfile"
},
"readonly": true,
"required": false,
"title": "List of the firewall profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallRule (type)
{
"extends": {
"$ref": "DSRule"
},
"id": "FirewallRule",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink",
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"action": {
"description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"REDIRECT",
"DO_NOT_REDIRECT",
"DETECT",
"ALLOW_CONTINUE",
"DETECT_PREVENT"
],
"readonly": false,
"required": true,
"title": "Action",
"type": "string"
},
"applied_tos": {
"description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"context_profiles": {
"description": "NS Profile object which accepts attributes and sub-attributes of various network services (ex. L7 AppId, domain name, encryption algorithm) as key value pairs.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"title": "Context Profiles",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Destination List",
"type": "array"
},
"destinations_excluded": {
"default": false,
"description": "Negation of the destination.",
"readonly": false,
"required": false,
"title": "Negation of destination",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": false,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": false,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extended_sources": {
"description": "List of NSGroups that have end point attributes like AD Groups(SID), process name, process hash etc. For Flash release, only NSGroups containing AD Groups are supported.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"title": "Extended Sources",
"type": "array"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"ip_protocol": {
"default": "IPV4_IPV6",
"description": "Type of IP packet that should be matched while enforcing the rule.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "Flag to indicate whether rule is default.",
"readonly": true,
"required": false,
"title": "Default rule",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"notes": {
"description": "User notes specific to the rule.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Notes",
"type": "string"
},
"priority": {
"description": "Priority of the rule.",
"readonly": true,
"required": false,
"title": "Rule priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"readonly": false,
"required": false,
"title": "Tag",
"type": "string"
},
"section_id": {
"description": "Section Id of the section to which this rule belongs to.",
"readonly": true,
"required": false,
"title": "Section Id",
"type": "string"
},
"services": {
"description": "List of the services. Null will be treated as any.",
"items": {
"$ref": "FirewallService"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service List",
"type": "array"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Source List",
"type": "array"
},
"sources_excluded": {
"default": false,
"description": "Negation of the source.",
"readonly": false,
"required": false,
"title": "Negation of source",
"type": "boolean"
}
},
"type": "object"
}
FirewallRuleList (type)
{
"id": "FirewallRuleList",
"module_id": "Firewall",
"properties": {
"rules": {
"description": "List of firewall rules in the section. Only homogenous rules are supported.",
"items": {
"$ref": "FirewallRule"
},
"maxItems": 1000,
"required": true,
"title": "List of the firewall rules",
"type": "array"
}
},
"type": "object"
}
FirewallRuleListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "FirewallRuleListResult",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Firewall rule list result with pagination support.",
"items": {
"$ref": "FirewallRule"
},
"readonly": true,
"required": true,
"title": "Firewall rule list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallSection (type)
{
"extends": {
"$ref": "DSSection"
},
"id": "FirewallSection",
"module_id": "Firewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"autoplumbed": {
"default": false,
"description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.",
"readonly": true,
"required": false,
"title": "Tells if a section is auto-plumbed or not",
"type": "boolean"
},
"category": {
"description": "Category from policy framework.",
"readonly": true,
"title": "Section category",
"type": "string"
},
"comments": {
"description": "Comments for section lock/unlock.",
"readonly": true,
"required": false,
"title": "Section lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforced_on": {
"description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.",
"readonly": true,
"required": false,
"title": "Firewall Section Enforcement type",
"type": "string"
},
"firewall_schedule": {
"$ref": "ResourceReference",
"description": "Reference of the firewall schedule during which this section will be valid.",
"required": false,
"title": "Firewall Schedule Reference"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the section.",
"readonly": true,
"required": false,
"title": "Lock modified by user",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "Section locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Section locked/unlocked time"
},
"locked": {
"default": false,
"description": "Section is locked/unlocked.",
"readonly": true,
"required": false,
"title": "Section Locked",
"type": "boolean"
},
"priority": {
"description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.",
"readonly": true,
"required": false,
"title": "Section priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"type": "object"
}
FirewallSectionFilterParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections.",
"extends": {
"$ref": "FirewallListRequestParameters"
},
"id": "FirewallSectionFilterParameters",
"module_id": "Firewall",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"context_profiles": {
"description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Context Profiles.",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deep_search": {
"default": false,
"description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.",
"required": false,
"title": "Toggle to search with direct or indirect references.",
"type": "boolean"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"enforced_on": {
"$ref": "AttachmentTypeQueryString",
"description": "Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported.",
"required": false,
"title": "Limit result to sections having a specific kind of enforcement point"
},
"exclude_applied_to_type": {
"$ref": "DSAppliedToType",
"description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections not having a specific AppliedTo type"
},
"extended_sources": {
"description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Extended Sources.",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"include_applied_to_type": {
"$ref": "DSAppliedToType",
"description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections having a specific AppliedTo type"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"locked": {
"description": "Used to filter out locked or unlocked sections.",
"required": false,
"title": "Limit results to sections which are locked/unlocked",
"type": "boolean"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_invalid_references": {
"default": false,
"description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).",
"required": false,
"title": "Return invalid references in results.",
"type": "boolean"
},
"search_scope": {
"description": "This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall.",
"required": false,
"title": "Limit result to sections of a specific enforcement point",
"type": "string"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
},
"type": {
"default": "LAYER3",
"description": "Section Type with values layer2 or layer3",
"enum": [
"LAYER2",
"LAYER3"
],
"required": false,
"title": "Section Type",
"type": "string"
}
},
"title": "Parameters to filter section from list of sections",
"type": "object"
}
FirewallSectionListResult (type)
{
"extends": {
"$ref": "DSSectionListResult"
},
"id": "FirewallSectionListResult",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the firewall sections. The list has to be homogenous.",
"items": {
"$ref": "FirewallSection"
},
"readonly": true,
"required": true,
"title": "Section list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallSectionLock (type)
{
"id": "FirewallSectionLock",
"module_id": "Firewall",
"properties": {
"comments": {
"description": "Comments for section lock/unlock.",
"maxLength": 4096,
"minLength": 4,
"readonly": false,
"required": true,
"title": "Comments",
"type": "string"
},
"section_revision": {
"description": "Revision of the section.",
"readonly": false,
"required": true,
"title": "Section revision",
"type": "integer"
}
},
"type": "object"
}
FirewallSectionRuleList (type)
{
"extends": {
"$ref": "FirewallSection"
},
"id": "FirewallSectionRuleList",
"module_id": "Firewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"autoplumbed": {
"default": false,
"description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.",
"readonly": true,
"required": false,
"title": "Tells if a section is auto-plumbed or not",
"type": "boolean"
},
"category": {
"description": "Category from policy framework.",
"readonly": true,
"title": "Section category",
"type": "string"
},
"comments": {
"description": "Comments for section lock/unlock.",
"readonly": true,
"required": false,
"title": "Section lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforced_on": {
"description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.",
"readonly": true,
"required": false,
"title": "Firewall Section Enforcement type",
"type": "string"
},
"firewall_schedule": {
"$ref": "ResourceReference",
"description": "Reference of the firewall schedule during which this section will be valid.",
"required": false,
"title": "Firewall Schedule Reference"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the section.",
"readonly": true,
"required": false,
"title": "Lock modified by user",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "Section locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Section locked/unlocked time"
},
"locked": {
"default": false,
"description": "Section is locked/unlocked.",
"readonly": true,
"required": false,
"title": "Section Locked",
"type": "boolean"
},
"priority": {
"description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.",
"readonly": true,
"required": false,
"title": "Section priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"rules": {
"description": "List of firewall rules in the section. Only homogenous rules are supported.",
"items": {
"$ref": "FirewallRule"
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "List of the firewall rules",
"type": "array"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"type": "object"
}
FirewallSectionState (type)
{
"extends": {
"$ref": "DSSectionState"
},
"id": "FirewallSectionState",
"module_id": "Firewall",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Pending changes to be realized.",
"items": {
"$ref": "PendingChange"
},
"maxItems": 100,
"required": true,
"title": "List of pending changes",
"type": "array"
},
"revision_desired": {
"description": "This attribute represents revision number of section's desired state.",
"readonly": true,
"required": false,
"title": "Section's desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
FirewallSectionsSummary (type)
{
"extends": {
"$ref": "Resource"
},
"id": "FirewallSectionsSummary",
"module_id": "FirewallSummary",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"rule_count": {
"description": "Total number of rules in the section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_count": {
"description": "Total number of sections for the section type.",
"readonly": true,
"required": false,
"title": "Section count",
"type": "integer"
},
"section_type": {
"$ref": "FirewallCategory",
"description": "Type of rules which a section can contain.",
"readonly": true,
"required": false,
"title": "Section Type"
}
},
"type": "object"
}
FirewallSectionsSummaryList (type)
{
"id": "FirewallSectionsSummaryList",
"module_id": "FirewallSummary",
"properties": {
"last_compute_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": false,
"title": "Timestamp of the last computation, in epoch milliseconds."
},
"sections_summary": {
"description": "List of firewall sections summary.",
"items": {
"$ref": "FirewallSectionsSummary"
},
"readonly": true,
"required": false,
"title": "List of the firewall sections summary",
"type": "array"
}
},
"type": "object"
}
FirewallService (type)
{
"extends": {
"$ref": "DSService"
},
"id": "FirewallService",
"module_id": "Firewall",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"service": {
"$ref": "NSServiceElement",
"description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.",
"readonly": false,
"required": false,
"title": "Distributed Service Network and Security Service element"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
FirewallSessionTimerProfile (type)
{
"description": "A profile holding TCP, UDP and ICMP session timeout configuration.",
"extends": {
"$ref": "BaseFirewallProfile"
},
"id": "FirewallSessionTimerProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallSessionTimerProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_error_reply": {
"default": 10,
"description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after ICMP error",
"type": "integer"
},
"icmp_first_packet": {
"default": 20,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "First packet connection timeout",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_closed": {
"default": 20,
"description": "The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after RST",
"type": "integer"
},
"tcp_closing": {
"default": 120,
"description": "The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after first TN",
"type": "integer"
},
"tcp_established": {
"default": 43200,
"description": "The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 120,
"readonly": false,
"required": true,
"title": "Connection timeout",
"type": "integer"
},
"tcp_finwait": {
"default": 45,
"description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after FINs exchanged",
"type": "integer"
},
"tcp_first_packet": {
"default": 120,
"description": "The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"tcp_opening": {
"default": 30,
"description": "The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after second packet",
"type": "integer"
},
"udp_first_packet": {
"default": 60,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"udp_multiple": {
"default": 60,
"description": "The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after hosts sent packet",
"type": "integer"
},
"udp_single": {
"default": 30,
"description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timeout for destination",
"type": "integer"
}
},
"title": "Firewall Session timeout profile",
"type": "object"
}
FirewallStats (type)
{
"extends": {
"$ref": "Resource"
},
"id": "FirewallStats",
"module_id": "FirewallStatsRule",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of firewall rule",
"type": "integer"
},
"rule_id": {
"description": "Rule Identifier of the Firewall rule. This is a globally unique number.",
"readonly": true,
"required": false,
"title": "Firewall rule Id",
"type": "string"
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "Sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by the all firewall rules. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total sessions count",
"type": "integer"
}
},
"type": "object"
}
FirewallStatsList (type)
{
"id": "FirewallStatsList",
"module_id": "FirewallStatsRule",
"properties": {
"result_count": {
"description": "Total count for firewall rule statistics in results set",
"readonly": true,
"required": true,
"title": "Firewall rules stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics",
"items": {
"$ref": "FirewallStats"
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Firewall rules stats",
"type": "array"
},
"section_id": {
"description": "Corresponding firewall section identifier for list of rule statistics",
"readonly": true,
"required": true,
"title": "Firewall section ID",
"type": "string"
}
},
"type": "object"
}
FirewallStatus (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "FirewallStatus",
"module_id": "FirewallStatus",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"context": {
"$ref": "FirewallContextType",
"description": "Types of firewall contexts.",
"readonly": false,
"required": true,
"title": "Firewall Context Type"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_status": {
"$ref": "FirewallStatusType",
"description": "Firewall status for a fabric entity or in global context where firewall is supported.",
"readonly": false,
"required": true,
"title": "Firewall Status Type"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_statuses": {
"description": "List of firewall status on various target logical resources. This will override the global status of corresponding firewall context (e.g it will override the gloabal status of logical_routers).",
"items": {
"$ref": "TargetResourceStatus"
},
"readonly": false,
"required": false,
"title": "List of target resource status",
"type": "array"
}
},
"title": "Firewall Status Response",
"type": "object"
}
FirewallStatusListResult (type)
{
"description": "List of firewall statuses for a context or all context",
"extends": {
"$ref": "ListResult"
},
"id": "FirewallStatusListResult",
"module_id": "FirewallStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FirewallStatus"
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Firewall Statuses",
"type": "object"
}
FirewallStatusType (type)
{
"description": "Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).",
"enum": [
"DISABLED",
"ENABLED"
],
"id": "FirewallStatusType",
"module_id": "FirewallStatus",
"title": "Firewall Status Type",
"type": "string"
}
FirstNSampling (type)
{
"extends": {
"$ref": "SamplingArgument"
},
"id": "FirstNSampling",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "FirstNSampling"
},
"properties": {
"match_number": {
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Number of packets to be sampled",
"type": "integer"
},
"sampling_type": {
"enum": [
"FirstNSampling",
"PacketNumberSampling",
"IntervalSampling"
],
"required": true,
"title": "Sampling type",
"type": "string"
}
},
"type": "object"
}
FloodProtectionProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding TCP, UDP and ICMP and other protcol connection limits.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "FloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Flood Protection profile",
"type": "object"
}
FloodProtectionProfileBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "FloodProtectionProfileBindingListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfileBindingMap"
},
"required": true,
"title": "Flood protection profile binding maps list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profile binding maps",
"type": "object"
}
FloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Flood Protection profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap"
},
"id": "FloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FloodProtectionProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Flood Protection Profile binding map",
"type": "object"
}
FloodProtectionProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "FloodProtectionProfileListRequestParameters",
"module_id": "PolicyProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Flood Protection profile list request parameters",
"type": "object"
}
FloodProtectionProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "FloodProtectionProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfile"
},
"required": true,
"title": "Flood protection profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profiles",
"type": "object"
}
FloodProtectionProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes.",
"enum": [
"GatewayFloodProtectionProfile",
"DistributedFloodProtectionProfile"
],
"id": "FloodProtectionProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of flood protection profiles",
"type": "string"
}
FlowCacheStatistics (type)
{
"additionalProperties": false,
"description": "Provides the following statistics for flow cache since the time the edge dataplane is UP: - Number of active entries. - Number of cache entry insertions. - Number of bucket collisions when the entry insertion happens to a bucket which is full. - Number of key collisions when the entry to be inserted has a key colliding with that of an existing entry. - Number of cache hits, hit_rate, misses and skips. - Number of packets that cannot be cached. - Number of maximum entries with respect to size.",
"id": "FlowCacheStatistics",
"properties": {
"active": {
"description": "The number of current active entries in the flow cache.",
"title": "Active",
"type": "string"
},
"bucket_collisions": {
"description": "The total number of times when during an entry insertion, the corresponding bucket is full with unexpired entries. This collision will result in a flow cache miss. This is valid only for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Bucket collisions",
"type": "string"
},
"dont_cache": {
"description": "The total number of packets that cannot be cached. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Dont cache",
"type": "string"
},
"hit_rate": {
"description": "The rate at which the packets matching the flow cache are forwarded. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Hit rate",
"type": "string"
},
"hits": {
"description": "The total number of packets forwarded due to matching flow cache entry. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Hits",
"type": "string"
},
"insertions": {
"description": "The total number of times a new flow cache entry is added. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Insertions",
"type": "string"
},
"key_collisions": {
"description": "The total number of times a newly inserted entry has a key colliding with that of an existing entry. In this case, the new entry will replace the existing entry. This is only valid for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Key collisions",
"type": "string"
},
"max_seen_percentage": {
"description": "The percentage of maximum entries in a flow cache with respect to total size. This is collected from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Max seen percentage",
"type": "string"
},
"misses": {
"description": "The total number of packets passed on to the next layer due to cache miss. The next layer can be either slow path (in case of megaflow cache) or megaflow cache (in case of microflow cache). The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Misses",
"type": "string"
},
"skipped": {
"description": "The total number of packet misses due to unsupported packet type or the cache is disabled. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.",
"title": "Skipped",
"type": "string"
}
},
"title": "Flow cache statistics",
"type": "object"
}
FlowInfo (type)
{
"description": "Provides details of config flow in federation Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "FlowInfo",
"module_id": "FederationObservability",
"properties": {
"cross_site_flow_info": {
"$ref": "CrossSiteFlowInfo",
"read_only": true,
"title": "Corss site flow information for the flow"
},
"flow_type": {
"enum": [
"GM_TO_LM",
"LM_TO_GM",
"GM_TO_GM",
"LM_TO_LM",
"GM_WORK_QUEUE",
"GM_DELETE_QUEUE"
],
"read_only": true,
"title": "Flow identifier",
"type": "string"
},
"id": {
"read_only": true,
"title": "System identifier for the flow",
"type": "string"
},
"queue_infos": {
"description": "Every flow will have transmitter and receiver queues.",
"items": {
"$ref": "FederationQueueInfo"
},
"read_only": true,
"title": "Queue information for the flow",
"type": "array"
}
},
"title": "Details of config flow",
"type": "object"
}
Flows (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "Flows",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Flow information",
"items": {
"$ref": "FlowInfo"
},
"title": "Flow information",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Flows",
"type": "object"
}
Footer (type)
{
"additionalProperties": false,
"description": "Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "Footer",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"actions": {
"description": "Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "FooterAction"
},
"minItems": 0,
"title": "Footer Actions",
"type": "array"
},
"condition": {
"description": "If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
}
},
"title": "Widget Footer",
"type": "object"
}
FooterAction (type)
{
"additionalProperties": false,
"description": "Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "FooterAction",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"dock_to_container_footer": {
"default": true,
"description": "If true, the footer will appear in the underlying container that holds the widget.",
"title": "Dock the footer at container",
"type": "boolean"
},
"label": {
"$ref": "Label",
"description": "Label to be displayed against the footer action.",
"required": true,
"title": "Label for action"
},
"url": {
"description": "Hyperlink to the UI page that provides details of action.",
"maxLength": 1024,
"title": "Clickable hyperlink, if any",
"type": "string"
}
},
"title": "Widget Footer Action",
"type": "object"
}
ForceRevisionCheckRequestParameter (type)
{
"description": "Forces revision check before updating",
"id": "ForceRevisionCheckRequestParameter",
"module_id": "Policy",
"properties": {
"enforce_revision_check": {
"default": false,
"description": "If this is set to true, each child object in the request needs to have _revision property set correctly. System will honor the revision numbers while updating the resources.",
"readonly": false,
"required": false,
"title": "Force revision check",
"type": "boolean"
}
},
"title": "Parameter to enforce revision check before updating objects",
"type": "object"
}
FormFactorDetail (type)
{
"additionalProperties": false,
"description": "Form factor contains, resources required to deploy NSX Application Platform deployment and available features for a given form factor.",
"id": "FormFactorDetail",
"module_id": "PolicyCloudNative",
"properties": {
"node_resources": {
"$ref": "NodeResources",
"description": "Required node resources to deploy NSX Application Platform deployment.",
"title": "Node resources"
},
"supported_features": {
"description": "Features supported in this form factor.",
"items": {
"type": "string"
},
"title": "Supported features",
"type": "array"
}
},
"title": "Detail about form factor",
"type": "object"
}
FormFactorType (type)
{
"description": "Form factor types. standard - Deployment with standard configuration. advanced - Deployment with advanced configuration. evaluation - Deployment with evaluation configuration.",
"enum": [
"standard",
"advanced",
"evaluation"
],
"id": "FormFactorType",
"module_id": "PolicyCloudNative",
"title": "Form factor types",
"type": "string"
}
FormFactors (type)
{
"additionalProperties": false,
"description": "Different form factor for deployment.",
"id": "FormFactors",
"module_id": "PolicyCloudNative",
"properties": {
"advanced": {
"$ref": "FormFactorDetail",
"description": "Advanced form factor to deploy charts.",
"title": "Advanced form factor"
},
"evaluation": {
"$ref": "FormFactorDetail",
"description": "Evaluation form factor to deploy charts.",
"title": "Evaluation form factor"
},
"standard": {
"$ref": "FormFactorDetail",
"description": "Standard form factor to deploy charts.",
"title": "Standard form factor"
}
},
"title": "NSX Application Platform deployment platform form factors",
"type": "object"
}
ForwardStatsOutlier (type)
{
"description": "Outlier for forward packet statistics",
"id": "ForwardStatsOutlier",
"module_id": "ConsistencyCheck",
"properties": {
"deviation": {
"description": "Number of standard deviations away from the mean",
"readonly": true,
"required": true,
"title": "Number of standard deviations away from the mean",
"type": "number"
},
"observed_until": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp till the forward packet drop rate, i.e. forward outlier was detected",
"readonly": true,
"required": true,
"title": "Timestamp till the forward packet drop rate, i.e. forward outlier was detected"
},
"pnic_rx_pps": {
"description": "Average packets being received per second for physical nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being received per second for physical nic across the cluster",
"type": "number"
},
"pnic_tx_pps": {
"description": "Average packets being transmitted per second for physical nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for physical nic across the cluster",
"type": "number"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the forward packet drop rate, i.e. forward outlier was detected",
"readonly": true,
"required": true,
"title": "Timestamp when the forward packet drop rate, i.e. forward outlier was detected"
},
"vnic_rx_pps": {
"description": "Average packets being received per second for virtual nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being received per second for virtual nic across the cluster",
"type": "number"
},
"vnic_tx_pps": {
"description": "Average packets being transmitted per second for virtual nic across the cluster",
"readonly": true,
"required": true,
"title": "Average packets being transmitted per second for virtual nic across the cluster",
"type": "number"
}
},
"title": "Outlier for forward packet statistics",
"type": "object"
}
ForwarderZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "ForwarderZone",
"module_id": "DnsForwarder",
"properties": {
"source_ip": {
"$ref": "IPv4Address",
"description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.",
"required": false,
"title": "Source ip of the forwarder"
},
"upstream_servers": {
"description": "Ip address of the upstream DNS servers the DNS forwarder accesses.",
"items": {
"$ref": "IPv4Address"
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Ips of upsteam DNS servers",
"type": "array"
}
},
"type": "object"
}
ForwardingMode (type)
{
"enum": [
"IPV4_ONLY",
"IPV6_ONLY",
"IPV4_AND_IPV6"
],
"id": "ForwardingMode",
"module_id": "Switching",
"nsx_feature": "L2Ipv6",
"type": "string"
}
FpCounters (type)
{
"id": "FpCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"rx_bytes": {
"description": "Count of rx bytes of ENS-Fastpath/FC-lookup.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops": {
"description": "Count of rx packet drops of ENS Fastpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops_sp": {
"description": "Count of rx pkts drops of slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops_uplink": {
"description": "Count of rx packet drops of ENS Uplink / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts": {
"description": "Count of rx packets of ENS Fastpath / Count of rx packets at FC lookup of vnic.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts_sp": {
"description": "Count of rx pkt of slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts_uplink": {
"description": "Count of rx packets of ENS Uplink / Count of rx packets at FC lookup of Uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_bytes": {
"description": "Count of tx bytes of ENS/FC Fastpath",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops": {
"description": "Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops_sp": {
"description": "Count of tx pkts drops by slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops_uplink": {
"description": "Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts": {
"description": "Count of tx packets of ENS Fastpath / Count of packets going through FC fastpath at vnic.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts_sp": {
"description": "Count of tx pkts of ENS/FC slowpath",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts_uplink": {
"description": "Count of tx packets of ENS Uplink / Count of packets going through FC fastpath at Uplink.",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
FqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "The type contains information about the configuration of the FqdnAnalysis feature for a specific node.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "FqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Property which specifies the enabling/disabling of the feature.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "FQDN Analysis feature configuration entity",
"type": "object"
}
FromEsxiVmknic (type)
{
"description": "If this type of IP assignment is chosen, then the management vmkernel nic of ESXi will be configured as a virtual tunnel endpoint. The existing IP assigned to the management vmkernel nic will be used to form an overlay traffic tunnel between ESXi hosts. This type of IP assignment can be used only if the ESXi management vmkernel nic is connected to a DVPort that belongs to VDS referenced in the StandardHostSwitch.",
"extends": {
"$ref": "IpAssignmentSpec"
},
"id": "FromEsxiVmknic",
"module_id": "TransportNode",
"nsx_feature": "TepOnSharedVmknic",
"polymorphic-type-descriptor": {
"type-identifier": "FromEsxiVmknic"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4",
"FromEsxiVmknic"
],
"required": true,
"type": "string"
}
},
"title": "Use IP assigned to an existing ESXi vmknic.",
"type": "object"
}
FullSyncInfo (type)
{
"description": "Represents details of the last full sync if full sync is not running, otherwise returns the status of current full sync.",
"id": "FullSyncInfo",
"module_id": "FederationObservability",
"properties": {
"data_streaming_from_source_end_time": {
"read_only": true,
"title": "End time of streaming full state from source",
"type": "integer"
},
"data_streaming_from_source_progress": {
"read_only": true,
"title": "Details about full sync on sender side",
"type": "string"
},
"data_streaming_from_source_start_time": {
"read_only": true,
"title": "Start time of streaming full state from source",
"type": "integer"
},
"end_time": {
"read_only": true,
"title": "Full sync end time",
"type": "integer"
},
"errors": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
},
"fullSyncId": {
"read_only": true,
"title": "Full sync id",
"type": "string"
},
"reason": {
"read_only": true,
"title": "Description of full sync reason",
"type": "string"
},
"reason_code": {
"description": "Full sync can happen for various internal reasons, as well user can request for one. The code provides the classification of possible reasons to start a full sync.",
"enum": [
"QUEUE_OVERFLOW_ON_TRANSMITTER",
"QUEUE_OVERFLOW_ON_RECEIVER",
"CONNECTION_RESTORED",
"LM_ONBOARDED",
"GM_SWITCHOVER",
"RESTORED_GM_FROM_BACKUP",
"RESTORED_LM_FROM_BACKUP",
"BROWNFIELD_CONFIG_MIGRATION_FROM_LM_TO_GM",
"GM_REQUESTED_OVERSIZED_PAYLOAD",
"GM_REQUESTED_SITE_ONBOARDING",
"GM_REQUESTED_OTHER",
"LM_REQUSTED_OVERSIZED_PAYLOAD",
"LM_REQUESTED_OTHER",
"USER_REQUSTED",
"OTHER_AR_INTERNAL",
"POST_UPGRADE_GM",
"POST_UPGRADE_LM",
"UNKNOWN"
],
"read_only": true,
"title": "Reason code for full sync",
"type": "string"
},
"receiver_end_time": {
"read_only": true,
"title": "End time of completing applying full state on receiver side",
"type": "integer"
},
"receiver_start_time": {
"read_only": true,
"title": "Start time of applying full state on receiver side",
"type": "integer"
},
"receiver_state": {
"description": "This is optional information, provides useful insights on receiver side once async channel hands over full state data to receiver.",
"read_only": true,
"title": "Internal receiver state",
"type": "string"
},
"receiver_time_to_apply_in_millis": {
"read_only": true,
"title": "Time taken by application receiver to apply the full state received",
"type": "integer"
},
"stage": {
"description": "This provides the insights into current full sync stage if in progress.",
"enum": [
"NOT_STARTED",
"REQUESTED_FULL_STATE_FROM_SOURCE",
"TRANSFERRING_FULL_STATE",
"COMPLETED_TRANSFERRING_FULL_STATE",
"DESTINATION_APPLYING_FULL_STATE",
"COMPLETED_SUCCESSFUL",
"TIMEOUT_ON_SOURCE_RECEIVE_FULL_STATE",
"TIMEOUT_ON_DESTINATION_APPLY",
"COMPLETED_FAILED"
],
"read_only": true,
"title": "Current stage details if full sync in progress",
"type": "string"
},
"start_time": {
"read_only": true,
"title": "Full sync start time",
"type": "integer"
},
"status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"read_only": true,
"title": "Full sync status",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
}
},
"title": "Full sync details for the flow",
"type": "object"
}
FullSyncState (type)
{
"additionalProperties": false,
"description": "Provides FullSync state for Local Manager from Global Manager.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "FullSyncState",
"module_id": "PolicyFullSync",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"errors": {
"description": "Errors occurred during full sync.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Errors occurred during full sync",
"type": "array"
},
"full_sync_id": {
"description": "Full sync id generated by Async Replicator (AR) service.",
"readonly": true,
"title": "Full sync id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_completed_stage": {
"description": "The current stage of full sync completion for ongoing sync. When Local Manager (LM) receives full sync data from AR, LM starts with workflow to prserve the state and restore the full sync from where it has left off in case of change of leadership of the service to different NSX node or LM is restarted. LM starts the full sync workflow with state INITIAL capturing the AR full sync id and data location details. The stage/state transition follows the order given below INITIAL - Full sync started PROCESSED_FULLSYNC_DATA - Compelted processing the full state data provided by AR PRCESSED_DELTAS - Completed processing pending delta changes provided by AR. DELETED_STALE_ENTITIES - Completed deletion of all global entities on LM that are not in GM anymore COMPLETED - Full sync handling is completed on LM ERROR - Full sync failed with errors on LM, in which case AR will re-attempt full sync later point in time for the LM ABORTED - Indicates that the full sync cancelled as per user request",
"enum": [
"INITIAL",
"PAUSE_DCNS",
"DELETED_STALE_ENTITIES",
"PROCESSED_FULLSYNC_DATA",
"PROCESSED_DELTAS",
"UNPAUSE_DCNS",
"COMPLETED",
"ERROR",
"ABORTED"
],
"readonly": true,
"title": "Full sync stage that is last completed for this request.",
"type": "string"
},
"last_upate_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"deprecated": true,
"description": "Deprecated, refer to last_update_time for the last update time stamp.",
"readonly": true
},
"last_update_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last update, could be progress or success or error.",
"readonly": true
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of Full Sync start.",
"readonly": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Full sync state",
"type": "object"
}
FullSyncStateListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of FullSync states.",
"extends": {
"$ref": "ListResult"
},
"id": "FullSyncStateListResult",
"module_id": "PolicyFullSync",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "FullSync states list.",
"items": {
"$ref": "FullSyncState"
},
"required": true,
"title": "FullSync states list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of FullSync states.",
"type": "object"
}
FullSyncStatus (type)
{
"id": "FullSyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"completed_at": {
"required": true,
"title": "Time at which the full sync was completed.",
"type": "string"
},
"snapshot_version": {
"required": true,
"title": "Snapshot version targeted by full sync.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"COMPLETE",
"NOT_STARTED"
],
"required": true,
"title": "Status of full sync.",
"type": "string"
},
"sync_id": {
"required": true,
"title": "Identifier for the full sync.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"STANDARD",
"FORCED"
],
"required": true,
"title": "Type of full sync.",
"type": "string"
}
},
"type": "object"
}
FwContexts (type)
{
"additionalProperties": false,
"id": "FwContexts",
"properties": {
"ICMP Active/Max": {
"description": "ICMP active/max connections",
"readonly": true,
"title": "ICMP Active/Max Connections",
"type": "string"
},
"Other Active/Max": {
"description": "Other active/max connections",
"readonly": true,
"title": "Other Active/Max Connections",
"type": "string"
},
"TCP Half Opened Active/Max": {
"description": "TCP active/max connections",
"readonly": true,
"title": "TCP Active/Max Connections",
"type": "string"
},
"UDP Active/Max": {
"description": "UDP active/max connections",
"readonly": true,
"title": "UDP Active/Max Connections",
"type": "string"
},
"config-loaded": {
"description": "Configuration is loaded",
"readonly": true,
"title": "Configuration Loaded",
"type": "string"
},
"connection-count": {
"description": "Connection count",
"readonly": true,
"title": "Connection Count",
"type": "string"
},
"connections": {
"description": "Connections",
"readonly": true,
"title": "Connections",
"type": "object"
},
"name": {
"description": "Name",
"readonly": true,
"title": "Name",
"type": "string"
},
"ports": {
"description": "Ports",
"items": {
"type": "object"
},
"readonly": true,
"title": "Ports",
"type": "array"
},
"pvi": {
"description": "Peer VRF",
"readonly": true,
"title": "Peer VRF",
"type": "integer"
},
"rule-flag": {
"description": "Rule flag",
"readonly": true,
"title": "Rule Flag",
"type": "string"
},
"sync-enabled": {
"description": "HA enabled",
"readonly": true,
"title": "HA Enabled",
"type": "string"
},
"sync-total-stats": {
"description": "HA total statistics",
"readonly": true,
"title": "HA Total Statistics",
"type": "object"
},
"total-stats": {
"description": "Total statistics",
"readonly": true,
"title": "Total Statistics",
"type": "object"
},
"type": {
"description": "Type",
"readonly": true,
"title": "Type",
"type": "string"
},
"uuid": {
"description": "UUID",
"readonly": true,
"title": "UUID",
"type": "string"
},
"vrf": {
"description": "VRF",
"readonly": true,
"title": "VRF",
"type": "integer"
}
},
"type": "object"
}
GatewayConnection (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GatewayConnection",
"module_id": "PolicyGatewayConnection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advertise_outbound_route_filters": {
"description": "Array of path of a prefixlist object that will have Transit gateway to tier-0 gateway advertise route filter.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Outbound advertise route filters",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"GatewayConnection"
],
"relationshipType": "GATEWAY_CONNECTION_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
},
"aggregate_routes": {
"description": "Configure aggregate TGW_PREFIXES routes on Tier-0 gateway for prefixes owned by TGW gateway. If not specified then in-use prefixes are configured as TGW_PREFIXES routes on Tier-0 gateway.",
"items": {
"$ref": "IPv4CIDRBlock"
},
"required": false,
"title": "Aggregate routes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier0_path": {
"description": "Tier-0 gateway object path",
"required": true,
"title": "Tier-0 path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GatewayConnection"
],
"relationshipType": "GATEWAY_CONNECTION_TIER0_RELATIONSHIP",
"rightType": [
"Provider"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"centralized external connection"
],
"title": "Policy gateway connection",
"type": "object"
}
GatewayConnectionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GatewayConnectionListRequestParameters",
"module_id": "PolicyGatewayConnection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy gateway connection request parameters",
"type": "object"
}
GatewayConnectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GatewayConnectionListResult",
"module_id": "PolicyGatewayConnection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayConnection"
},
"required": true,
"title": "Gateway Connection list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Gateway Connection",
"type": "object"
}
GatewayFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile"
},
"id": "GatewayFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nat_active_conn_limit": {
"default": 4294967295,
"description": "The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.",
"maximum": 4294967295,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active NAT connections",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayGeneralSecurityProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GeneralSecurityProfile"
},
"id": "GatewayGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayGeneralSecurityProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_double_flow": {
"default": false,
"description": "The flag to indicate double flow check is enabled or not. This option applies only to EDGE components.",
"readonly": false,
"title": "Flag to indicate double flow check is enabled or not",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayInterfaceReference (type)
{
"additionalProperties": false,
"description": "Contains gateway interface details.",
"id": "GatewayInterfaceReference",
"module_id": "PolicyConnectivity",
"properties": {
"interface_path": {
"description": "Absolute policy path of member interface.",
"required": true,
"title": "interface path",
"type": "string"
}
},
"title": "Gateway interface reference",
"type": "object"
}
GatewayL2ForwarderSiteSpanInfo (type)
{
"additionalProperties": false,
"experimental": true,
"id": "GatewayL2ForwarderSiteSpanInfo",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"gateway_path": {
"description": "Policy path of a gateway.",
"readonly": true,
"required": true,
"title": "Gateway path",
"type": "string"
},
"inter_site_forwarder_status": {
"description": "Inter-site forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode"
},
"readonly": true,
"title": "Inter-site forwarder status per node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the L2 forwarder remote mac addresses was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"remote_macs_per_site": {
"description": "L2 forwarder remote mac addresses per site for logical switch.",
"items": {
"$ref": "L2ForwarderRemoteMacsPerSite"
},
"readonly": true,
"title": "L2 forwarder remote mac addresses per site",
"type": "array"
}
},
"type": "object"
}
GatewayPolicy (type)
{
"extends": {
"$ref": "Policy"
},
"id": "GatewayPolicy",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule"
},
"required": false,
"title": "Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for GatewayPolicy",
"type": "object"
}
GatewayPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult"
},
"id": "GatewayPolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayPolicy"
},
"required": true,
"title": "GatewayPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of gateway policies",
"type": "object"
}
GatewayQosProfile (type)
{
"additionalProperties": false,
"description": "QoS profile contains configuration of rate limiting properties which can be applied in ingress and egress directions at Tier1 gateways",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GatewayQosProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"burst_size": {
"default": 1,
"description": "Burst size in bytes.",
"minimum": 1,
"title": "Burst size in bytes",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"committed_bandwidth": {
"default": 1,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"committed_bandwitdth": {
"default": 1,
"deprecated": true,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate. This property is deprecated, use committed_bandwidth instead.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"excess_action": {
"description": "Action on traffic exceeding bandwidth.",
"enum": [
"DROP"
],
"required": false,
"title": "Action on traffic exceeding bandwidth.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "QoS configuration of Tier1 gateway",
"type": "object"
}
GatewayQosProfileConfig (type)
{
"additionalProperties": false,
"id": "GatewayQosProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"egress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in egress direction.",
"required": false,
"title": "Egress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SERVICE_GATEWAY_EGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"VpcConnectivityProfile"
],
"relationshipType": "VPC_CONNECTIVITY_PROFILE_GATEWAY_EGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
},
"ingress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in ingress direction.",
"required": false,
"title": "Ingress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SERVICE_GATEWAY_INGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"VpcConnectivityProfile"
],
"relationshipType": "VPC_CONNECTIVITY_PROFILE_GATEWAY_INGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
}
},
"title": "Gateway QoS profile configuration",
"type": "object"
}
GatewayQosProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GatewayQosProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayQosProfile"
},
"required": true,
"title": "Paginated list of GatewayQosProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GatewayRecoverySiteConfig (type)
{
"additionalProperties": false,
"description": "Recovery site config",
"id": "GatewayRecoverySiteConfig",
"module_id": "PolicyConnectivity",
"properties": {
"failover_linked_tier1_gateway": {
"default": true,
"description": "Linked Tier1 gateway whose primary site matches from_site_path and are stretched to new primary site are recovered on new primary site path.",
"required": false,
"title": "Failover Linked Tier-1 Gateway",
"type": "boolean"
},
"tier0_gateway_path": {
"description": "Path of Tier-0 gateway",
"required": true,
"title": "Tier-0 gateway path",
"type": "string"
},
"to_primary_site_path": {
"description": "Recovery site path",
"required": true,
"title": "Recovery site path",
"type": "string"
}
},
"title": "Recovery site config",
"type": "object"
}
GatewayRouteCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord"
},
"id": "GatewayRouteCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"admin_distance": {
"required": false,
"title": "The admin distance of the next hop",
"type": "integer"
},
"black_hole": {
"description": "Value of this field will be true if given routes are null routes",
"readonly": true,
"required": false,
"title": "BlackHole",
"type": "boolean"
},
"edge_path": {
"description": "Edge node policy path.",
"readonly": true,
"title": "Edge path",
"type": "string"
},
"interface": {
"required": false,
"title": "The policy path of the interface which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock",
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress",
"required": false,
"title": "The IP of the next hop"
},
"next_hop_gateway": {
"required": false,
"title": "Next hop gateway path",
"type": "string"
},
"route_type": {
"required": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
},
"transport_node_path": {
"description": "Transport node path.",
"readonly": true,
"title": "Transport node path",
"type": "string"
}
},
"type": "object"
}
GatewayRouteTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult"
},
"id": "GatewayRouteTableInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "GatewayRouteCsvRecord"
},
"required": false,
"type": "array"
}
},
"type": "object"
}
GatewaySiteFailoverActionConfig (type)
{
"additionalProperties": false,
"description": "configuration to trigger site failover for one or more Tier0 and linked Tier1 gateway(s).",
"id": "GatewaySiteFailoverActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"from_site_path": {
"description": "Source site path for failover. Gateway whose primary site path matches from_site_path are considered for recovery.",
"required": true,
"title": "Source site path",
"type": "string"
},
"to_primary_site_config": {
"description": "Recovery stie for Tier-0 gateway and linked Tier-1 gateway.",
"items": {
"$ref": "GatewayRecoverySiteConfig"
},
"maxItems": 200,
"required": true,
"title": "Recovery site for gateway",
"type": "array"
}
},
"title": "Gateway site failover action",
"type": "object"
}
GeneralSecurityProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding general security settings.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "General Security profile",
"type": "object"
}
GeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between General Security profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap"
},
"id": "GeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GeneralSecurityProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy General Security profile binding map",
"type": "object"
}
GeneralSecurityProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayGeneralSecurityProfile is used for all Tier0 and Tier1 gateways.",
"enum": [
"GatewayGeneralSecurityProfile"
],
"id": "GeneralSecurityProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of General Security profiles",
"type": "string"
}
GeneralSecuritySettingsProfile (type)
{
"description": "A profile holding general security settings.",
"extends": {
"$ref": "BaseFirewallProfile"
},
"id": "GeneralSecuritySettingsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GeneralSecuritySettingsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_double_flow": {
"default": false,
"description": "The flag to indicate double flow check is enabled or not. This option applies only to EDGE components.",
"readonly": false,
"title": "Flag to indicate double flow check is enabled or not",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "General security settings profile",
"type": "object"
}
GenericDhcpOption (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Define DHCP options other than option 121.",
"id": "GenericDhcpOption",
"module_id": "Dhcp",
"properties": {
"code": {
"description": "Code of the dhcp option.",
"maximum": 255,
"minimum": 0,
"required": true,
"title": "DHCP option code, [0-255]",
"type": "integer"
},
"values": {
"description": "Value of the option.",
"items": {
"type": "string"
},
"maxItems": 10,
"minItems": 1,
"required": true,
"title": "DHCP option value",
"type": "array"
}
},
"title": "Generic DHCP option",
"type": "object"
}
GenericGroupStaticRouteAlarm (type)
{
"description": "List policy vpc realization failures under the object",
"id": "GenericGroupStaticRouteAlarm",
"module_id": "PolicyVpcStatistics",
"properties": {
"realization_entities": {
"items": {
"$ref": "RealizationEntity"
},
"required": true,
"title": "Generic realization failures dto for static routes and groups",
"type": "array"
}
},
"title": "List of policy vpc realization failures",
"type": "object"
}
GenericPolicyRealizedResource (type)
{
"description": "Represents realized entity",
"extends": {
"$ref": "PolicyRealizedResource"
},
"id": "GenericPolicyRealizedResource",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource"
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point.",
"readonly": true,
"title": "Enforcement Point Path",
"type": "string"
},
"entity_type": {
"readonly": true,
"title": "Type of realized entity",
"type": "string"
},
"extended_attributes": {
"items": {
"$ref": "AttributeVal"
},
"readonly": true,
"required": false,
"title": "Collection of type specific properties",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_paths": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Collection of intent paths",
"type": "array"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement"
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"site_path": {
"description": "The site where this entity resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Generic realized entity",
"type": "object"
}
GenericPolicyRealizedResourceListRequestParameters (type)
{
"additionalProperties": false,
"description": "GenericPolicyRealizedResource list request parameters",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "GenericPolicyRealizedResourceListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "GenericPolicyRealizedResource list request parameters",
"type": "object"
}
GenericPolicyRealizedResourceListResult (type)
{
"additionalProperties": false,
"description": "GenericPolicyRealizedResource list result",
"extends": {
"$ref": "ListResult"
},
"id": "GenericPolicyRealizedResourceListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of realized resources",
"items": {
"$ref": "GenericPolicyRealizedResource"
},
"required": false,
"title": "Paged Collection of GenericPolicyRealizedResources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "GenericPolicyRealizedResource list result",
"type": "object"
}
GenericVpcSecurityAndNatStatus (type)
{
"extends": {
"$ref": "StatusEnum"
},
"id": "GenericVpcSecurityAndNatStatus",
"module_id": "PolicyVpcStatistics",
"properties": {
"realization_entities": {
"items": {
"$ref": "RealizationEntity"
},
"type": "array"
},
"rules": {
"$ref": "GenericVpcStatus",
"required": false,
"title": "Security/NAT rules of a given security intent."
},
"status": {
"enum": [
"SUCCESS",
"ERROR",
"UNINITIALIZED",
"IN_PROGRESS",
"UNKNOWN"
],
"required": false,
"title": "Status of this object",
"type": "string"
}
},
"title": "Security/Network status of a given VPC, containing security policies.",
"type": "object"
}
GenericVpcStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "StatusEnum"
},
"id": "GenericVpcStatus",
"module_id": "PolicyVpcStatistics",
"properties": {
"realization_entities": {
"items": {
"$ref": "RealizationEntity"
},
"type": "array"
},
"status": {
"enum": [
"SUCCESS",
"ERROR",
"UNINITIALIZED",
"IN_PROGRESS",
"UNKNOWN"
],
"required": false,
"title": "Status of this object",
"type": "string"
}
},
"title": "Subnet status along with error code and message.",
"type": "object"
}
GeoIpBlockedEvent (type)
{
"additionalProperties": false,
"id": "GeoIpBlockedEvent",
"module_id": "PolicyGeoIp",
"properties": {
"count": {
"readonly": true,
"title": "Packet Hit Count between Start and End Timestamp",
"type": "integer"
},
"destination_country_code": {
"readonly": true,
"title": "Destination Country Code of Geo IP Blocked Event",
"type": "string"
},
"destination_country_name": {
"readonly": true,
"title": "Destination Country Name of Geo IP Blocked Event",
"type": "string"
},
"destination_ip_address": {
"$ref": "IPAddress",
"readonly": true,
"title": "Destination IP Address of Geo IP Blocked Event"
},
"direction": {
"enum": [
"IN",
"OUT"
],
"readonly": true,
"title": "Direction of Traffic",
"type": "string"
},
"end_timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "End Timestamp when Last Blocked Event occurred for the Country with given IP Address"
},
"rule_id": {
"readonly": true,
"title": "Gateway Firewall Rule Id of Geo IP Blocked Event",
"type": "integer"
},
"source_country_code": {
"readonly": true,
"title": "Source Country Code of Geo IP Blocked Event",
"type": "string"
},
"source_country_name": {
"readonly": true,
"title": "Source Country Name of Geo IP Blocked Event",
"type": "string"
},
"source_ip_address": {
"$ref": "IPAddress",
"readonly": true,
"title": "Source IP Address of Geo IP Blocked Event"
},
"start_timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "Start Timestamp when Last Blocked Event occurred for the Country with given IP Address"
}
},
"title": "Geo IP Blocked Event",
"type": "object"
}
GeoIpBlockedEventsBaseFilterParameter (type)
{
"additionalProperties": false,
"id": "GeoIpBlockedEventsBaseFilterParameter",
"module_id": "PolicyGeoIp",
"properties": {
"include_all_projects": {
"default": false,
"tile": "All Blocked Events (including Default and Custom Projects)",
"type": "boolean"
}
},
"title": "Geo IP Blocked Events Base Filter Parameter",
"type": "object"
}
GeoIpBlockedEventsFilterParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GeoIpBlockedEventsBaseFilterParameter"
},
"id": "GeoIpBlockedEventsFilterParameters",
"module_id": "PolicyGeoIp",
"properties": {
"cursor": {
"title": "Cursor for getting next page of records",
"type": "string"
},
"destination_country_code": {
"title": "Comma Separated Destination Country Codes of Geo IP Blocked Event",
"type": "string"
},
"destination_ip_address": {
"title": "Comma Separated Destination IP Addresses of Geo IP Blocked Event",
"type": "string"
},
"direction": {
"title": "Comma Separated Directions of Traffic",
"type": "string"
},
"include_all_projects": {
"default": false,
"tile": "All Blocked Events (including Default and Custom Projects)",
"type": "boolean"
},
"page_size": {
"default": 500,
"maximum": 500,
"minimum": 0,
"title": "Maximum number of results to return in this page",
"type": "int"
},
"rule_id": {
"title": "Comma Separated Gateway Firewall Rule Ids of Geo IP Blocked Event",
"type": "string"
},
"source_country_code": {
"title": "Comma Separated Source Country Codes of Geo IP Blocked Event",
"type": "string"
},
"source_ip_address": {
"title": "Comma Separated Source IP Addresses of Geo IP Blocked Event",
"type": "string"
}
},
"title": "Geo IP Blocked Events Filter Parameters",
"type": "object"
}
GeoIpBlockedEventsList (type)
{
"additionalProperties": false,
"id": "GeoIpBlockedEventsList",
"module_id": "PolicyGeoIp",
"properties": {
"cursor": {
"readonly": true,
"title": "Cursor for getting next page of records",
"type": "string"
},
"geo_ip_blocked_events": {
"items": {
"$ref": "GeoIpBlockedEvent"
},
"readonly": true,
"required": true,
"title": "GeoIpBlockedEvent list",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Total Result Count",
"type": "int"
},
"sort_ascending": {
"readonly": true,
"title": "Sort By Ascending",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Sort By",
"type": "string"
}
},
"title": "Paginated Geo IP Blocked Events",
"type": "object"
}
GeoIpBundleActionQueryParameters (type)
{
"additionalProperties": false,
"id": "GeoIpBundleActionQueryParameters",
"module_id": "PolicyGeoIp",
"properties": {
"action": {
"enum": [
"download_now",
"check_latest"
],
"required": true,
"title": "Geo IP Bundle Action",
"type": "string"
}
},
"title": "Geo IP Bundle Action Query Parameters",
"type": "object"
}
GeoIpBundleInfo (type)
{
"additionalProperties": false,
"id": "GeoIpBundleInfo",
"module_id": "PolicyGeoIp",
"properties": {
"download_status": {
"enum": [
"complete",
"failed"
],
"readonly": true,
"title": "Download Status of Geo IP Bundle",
"type": "string"
},
"geo_ip_bundle_version": {
"readonly": true,
"title": "Geo IP Bundle Version in System",
"type": "string"
},
"last_bundle_download_time": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"title": "Timestamp of the most recent successful Geo IP Bundle download"
},
"latest_available_geo_ip_bundle_version": {
"readonly": true,
"title": "Latest Geo IP Bundle Version available for Download",
"type": "string"
},
"message": {
"readonly": true,
"title": "Status Message of Geo IP Bundle",
"type": "string"
},
"path": {
"readonly": true,
"title": "Geo IP Bundle Path",
"type": "string"
}
},
"title": "Geo IP Bundle Information",
"type": "object"
}
GeoIpLookUp (type)
{
"additionalProperties": false,
"id": "GeoIpLookUp",
"module_id": "PolicyGeoIp",
"properties": {
"country_code": {
"readonly": true,
"title": "Country Code of Geo IP Blocked Event",
"type": "string"
},
"country_name": {
"readonly": true,
"title": "Country Name of Geo IP Blocked Event",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress",
"readonly": true,
"title": "IP Address Provided"
},
"message": {
"readonly": true,
"title": "Geo IP Look Up Message",
"type": "string"
}
},
"title": "Geo IP Look Up",
"type": "object"
}
GeoIpLookUpParameters (type)
{
"additionalProperties": false,
"id": "GeoIpLookUpParameters",
"module_id": "PolicyGeoIp",
"properties": {
"ip_address": {
"$ref": "IPAddress",
"required": true,
"title": "Ip Address for Geo Ip Look Up"
}
},
"title": "Geo IP Look Up Query Parameters",
"type": "object"
}
GeoIpSetting (type)
{
"additionalProperties": false,
"description": "Geo IP Setting used to activate or deactivate auto-download of Geo IP Bundle.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GeoIpSetting",
"module_id": "PolicyGeoIp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_download": {
"description": "Property which indicates whether auto-download of Geo IP Bundle is ON or OFF.",
"required": true,
"title": "Geo IP Bundle Auto-Download Flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Geo IP Setting",
"type": "object"
}
GeoLocationExpression (type)
{
"additionalProperties": false,
"description": "Represents Geo location expressions in the form of an array, to support geo location in a group.",
"extends": {
"$ref": "Expression"
},
"id": "GeoLocationExpression",
"module_id": "Policy",
"nsx_feature": "GeoIP",
"polymorphic-type-descriptor": {
"type-identifier": "GeoLocationExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"country_code": {
"description": "This contain country code for System created GeoIP Groups.",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exclude": {
"$ref": "ExcludedMembersList",
"description": "List of members to be excluded from the GeoLocationExpression. This field is applicable only for expression representing the list of GeoIp groups. Only IPAddressExpression and PathExpression are supported. The PathExpression should have group_type IPAddress. Only IP based groups are supported and GeoIp groups are not supported here.",
"required": false,
"title": "Members to be excluded from the condition"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_group_paths": {
"description": "This array consists of Default System GeoIP group paths.",
"items": {
"type": "string"
},
"maxItems": 200,
"minItems": 1,
"required": true,
"title": "Array of Default System GeoIP group paths.",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Geo location expression node",
"type": "object"
}
GetBackupUiFramesInfoRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "GetBackupUiFramesInfoRequestParameters",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"ui_tab_type": {
"default": "LOCAL_MANAGER_TAB",
"enum": [
"LOCAL_MANAGER_TAB",
"GLOBAL_MANAGER_TAB"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
GetCertParameter (type)
{
"additionalProperties": false,
"id": "GetCertParameter",
"module_id": "CertificateManager",
"properties": {
"details": {
"default": false,
"required": false,
"title": "whether to expand the pem data and show all its details",
"type": "boolean"
}
},
"type": "object"
}
GetSNMPParameters (type)
{
"additionalProperties": false,
"description": "Get SNMP request parameters.",
"id": "GetSNMPParameters",
"properties": {
"show_sensitive_data": {
"default": false,
"description": "Whether to show SNMP service properties including community strings if any applicable.",
"required": false,
"title": "Show SNMP sensitive data or not",
"type": "boolean"
}
},
"title": "Get SNMP request parameters",
"type": "object"
}
GiServiceProfile (type)
{
"description": "GI Specific service profile",
"extends": {
"$ref": "BaseServiceProfile"
},
"id": "GiServiceProfile",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "GiServiceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'",
"required": true,
"title": "Service Profile Resource type.",
"type": "string"
},
"service_id": {
"description": "The service to which the service profile belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vendor_template_id": {
"description": "ID of the vendor template, created by partner while registering the service.",
"readonly": false,
"required": true,
"title": "Vendor template Id",
"type": "string"
},
"vendor_template_key": {
"description": "Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.",
"readonly": true,
"required": false,
"title": "Vendor template key",
"type": "string"
}
},
"title": "GI sepcific Service Profile",
"type": "object"
}
GlobalCollectionConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "GlobalCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"aggregated_data_collection_frequency": {
"description": "The frequency in seconds at which data, which is subject to the aggregation function, is collected.",
"maximum": 86400,
"minimum": 60,
"required": true,
"title": "Aggregated Data Collection Frequency In Seconds",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_data_collection_enabled": {
"description": "Indicates whether data collection required by the aggregation service is enabled. If false, no aggregation service data will be collected. Changing this property will not affect the existing data collection frequency settings.",
"required": true,
"title": "Is data collection enabled",
"type": "boolean"
},
"modified_feature_stack_collection_configurations": {
"$ref": "FeatureStackCollectionConfigurationList",
"description": "The list of the locally modified feature stack data collection frequency settings. If all feature stack data collection configurations are set to their default values, this list will be empty.",
"readonly": true,
"title": "Modified feature stack collection configurations"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
GlobalCollectorConfig (type)
{
"abstract": true,
"description": "The GlobalCollectorConfig is the base class for global collector configurations for different types in a NSX domain.",
"id": "GlobalCollectorConfig",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "collector_type"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress",
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType",
"description": "Specify the global collector type.",
"required": true
}
},
"title": "Abstract base type for Global collector configurations of different types",
"type": "object"
}
GlobalCollectorType (type)
{
"enum": [
"VRNI",
"WAVE_FRONT",
"VRNI_STREAMING"
],
"id": "GlobalCollectorType",
"module_id": "Policy",
"title": "Valid Global collector types",
"type": "string"
}
GlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_changing_vdr_mac_in_use": {
"default": false,
"description": "When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has \"nested_nsx\" property set to true, the MAC in \"vdr_mac_nested\" is used; otherwise the MAC in \"vdr_mac\" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose \"nested_nsx\" property is true but is in an OVERLAY transport zone, the first way is updating the \"vdr_mac\" property. The 2nd way is updating one of the OVERLAY transport zones joined by the host switch to set \"nested_nsx\" property true which will make the host switch use the VDR MAC in \"vdr_mac_nested\". The third way is directly updating the transport node to add an OVERLAY transport zone whose \"nested_nsx\" property is true into the host switch which will also make the host switch use the VDR MAC in \"vdr_mac_nested\". If the host switch is in some OVERLAY transport zone(s) whose \"nested_nsx\" property is true, the first way is updating the \"vdr_mac_nested\" property. The 2nd way is updating all those OVERLAY transport zones to set \"nested_nsx\" property false which will make the host switch use the VDR MAC in \"vdr_mac\". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in \"vdr_mac\". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage!",
"title": "A flag to indicate if changing the VDR MAC being used is allowed",
"type": "boolean"
},
"arp_limit_per_gateway": {
"default": 50000,
"description": "Global configuration of maximum number of ARP entries per transport node at each Tier0/Tier1 gateway.",
"maximum": 50000,
"minimum": 5000,
"title": "ARP limit per Tier0/Tier1 gateway",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_host_switch_mode": {
"default": "ENS_INTERRUPT",
"description": "The value of this field will be used only if TN/TNP create API does not contain hostswitch mode. ENS_INTERRUPT - This is an interrupt driven variant of the Enhanced Data Path mode. Please, consult your account representative for applicability. This mode is available only on ESX hypervisor (7.0 and above). STANDARD - This mode was formerly the default and is realized as pktHandle mode in the datapath.",
"enum": [
"ENS_INTERRUPT",
"STANDARD"
],
"nsx_feature": "DefaultUens",
"required": false,
"title": "Default operational mode of VDS HostSwitch on ESX TransportNodes.",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_gateway_bfd": {
"$ref": "ExternalGatewayBfdConfig",
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"title": "External Bidirectional Flow Detection configuration"
},
"fips": {
"$ref": "FIPSGlobalConfig",
"description": "Contains the FIPSGlobalConfig object.",
"required": false,
"title": "FIPS enabled config"
},
"global_replication_mode_enabled": {
"default": false,
"description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.",
"title": "A flag to indicate if global replication mode is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_inherited": {
"description": "if True, meaning that this is a copy version of GM if False, meaning that this is a local version on LM",
"required": false,
"title": "This field indicates whether this is a copy version of GM/NSX+ or not",
"type": "boolean"
},
"l3_forwarding_mode": {
"default": "IPV4_ONLY",
"description": "Configure forwarding mode for routing. This setting does not restrict configuration for other modes.",
"enum": [
"IPV4_ONLY",
"IPV4_AND_IPV6"
],
"required": false,
"title": "L3 forwarding mode",
"type": "string"
},
"lb_ecmp": {
"default": false,
"deprecated": true,
"description": "Flag to activate/deactivate ECMP load balancing. By default ECMP load balancing is deactivated.",
"title": "Flag for controlling equal-cost multi-path(ECMP) load balancing.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. This is the global default MTU for all the EXTERNAL (uplink) and SERVICE (CSP) interfaces in the NSX domain. There is no option to override this value at the transport zone level or transport node level.",
"minimum": 1280,
"required": false,
"title": "MTU size",
"type": "int"
},
"operation_collectors": {
"deprecated": true,
"description": "This property is a part of OpsGlobalConfig object. Use /infra/ops-global-config instead. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.",
"items": {
"$ref": "GlobalCollectorConfig"
},
"required": false,
"title": "Operation global collector config",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"physical_uplink_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.",
"readonly": false,
"title": "MTU for the physical uplinks",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"remote_tunnel_physical_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used.",
"readonly": false,
"title": "The physical MTU for the remote tunnel endpoints",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_infos": {
"description": "Information related to sites applicable for given config.",
"items": {
"$ref": "SiteInfo"
},
"maxItems": 16,
"required": false,
"title": "Collection of Site information",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tep_group_config": {
"$ref": "TepGroupConfig",
"description": "Indicates if the TEP Grouping is supported in Transport Nodes.",
"title": "VTEP Group Configuration."
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uplink_mtu_threshold": {
"default": 9000,
"description": "This value defines the upper threshold for the Maximum Transmission Unit (MTU) value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU.",
"required": false,
"title": "Upper threshold for MTU on physical and logical uplinks",
"type": "int"
},
"vdr_mac": {
"$ref": "MACAddress",
"default": "02:50:56:56:44:52",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system. It can be changed only when there is no transport node in the NSX system. This value cannot be same as vdr_mac_nested. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has \"nested_nsx\" property being true.",
"title": "MAC address of the Virtual Distributed Router (VDR) port"
},
"vdr_mac_nested": {
"$ref": "MACAddress",
"default": "02:50:56:56:44:53",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. It can be changed only when there is no transport node in the NSX system. All transport zones in such a nested NSX system will have the \"nested_nsx\" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose \"nested_nsx\" property is true.",
"title": "The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment."
}
},
"title": "Global configuration",
"type": "object"
}
GlobalConfigType (type)
{
"enum": [
"SwitchingGlobalConfig",
"RoutingGlobalConfig",
"OperationCollectorGlobalConfig",
"FirewallGlobalConfig",
"EsxGlobalOpaqueConfig",
"SecurityGlobalConfig",
"FipsGlobalConfig",
"FederationGlobalConfig",
"IdsGlobalConfig"
],
"id": "GlobalConfigType",
"module_id": "GlobalConfigs",
"title": "Valid Global configuration types",
"type": "string"
}
GlobalConfigs (type)
{
"abstract": true,
"description": "The GlobalConfigs is the base class for global configurations for different types in a NSX domain.",
"extends": {
"$ref": "ManagedResource"
},
"id": "GlobalConfigs",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Abstract base type for Global configurations of different types",
"type": "object"
}
GlobalConfigsListResult (type)
{
"description": "A list of global configurations grouped by their types",
"extends": {
"$ref": "ListResult"
},
"id": "GlobalConfigsListResult",
"module_id": "GlobalConfigs",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GlobalConfigs"
},
"required": false,
"title": "Domain specific global configuration.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Global configurations query result",
"type": "object"
}
GlobalDfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalDfwConfiguration",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, distributed firewall is enabled on a specified site.",
"title": "Distributed firewall enable flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global distributed firewall configuration for a specific site",
"type": "object"
}
GlobalDfwConfigurationListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of global distributed firewall configurations for all the sites.",
"extends": {
"$ref": "ListResult"
},
"id": "GlobalDfwConfigurationListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Global distributed firewall configuration list results.",
"items": {
"$ref": "GlobalDfwConfiguration"
},
"required": true,
"title": "Global distributed firewall configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of global distributed firewall configurations for all the sites",
"type": "object"
}
GlobalIdsSettings (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System settings for NSX+.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalIdsSettings",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"default": false,
"description": "Parameter to let the user decide whether to update the IDS Signatures automatically or not.",
"required": false,
"title": "Auto update signatures flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Intrusion Detection System settings\n",
"type": "object"
}
GlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Global IDS signature.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalIdsSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Activate/Deactivate a Signature at Global Level.",
"title": "Flag to Activate/Deactivate a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_custom_signature": {
"description": "It represents whether the overridden signature is custom or system signature.",
"nsx_feature": "IDSCustomSignatures",
"readonly": true,
"title": "Flag to determine custom signature",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global IDS signature",
"type": "object"
}
GlobalIdsSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GlobalIdsSignatureListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Global IDS signature request parameters",
"type": "object"
}
GlobalIdsSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GlobalIdsSignatureListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GlobalIdsSignature"
},
"required": true,
"title": "Global IDS signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Global IDS signatures",
"type": "object"
}
GlobalInheritedRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameter for GET/PUT/PATCH call then the local resource copy will be shown/modified",
"id": "GlobalInheritedRequestParameters",
"module_id": "Policy",
"properties": {
"apply_locally": {
"default": false,
"description": "If the user sets apply_locally to GET/PUT/PATCH call then the local resource copy will be shown/modified. This will only be acceptable on LM. In case LM only has it's copy, the apply_local = false will still have effect on local copy.",
"required": false,
"title": "Flag to check reaching NSX+ or LM resource",
"type": "boolean"
}
},
"title": "Request Parameters for Global Configs",
"type": "object"
}
GlobalManager (type)
{
"additionalProperties": false,
"description": "Global Manager.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalManager",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"description": "To create a standby GM, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the GM has been successfully onboarded, the connection_info is discarded and authentication to the standby GM occurs using an X.509 client certificate.",
"items": {
"$ref": "SiteNodeConnectionInfo"
},
"maxItems": 3,
"title": "Connection information",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fail_if_rtt_exceeded": {
"default": true,
"description": "Fail onboarding if maximum RTT exceeded.",
"title": "Fail onboarding if maximum RTT exceeded",
"type": "boolean"
},
"federation_id": {
"description": "Internally generated UUID to the federation of Global Manager.",
"readonly": true,
"title": "Global manager federation UUID",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_rtt": {
"default": 250,
"description": "If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value.",
"maximum": 1000,
"minimum": 0,
"title": "Maximum acceptable packet round trip time (RTT)",
"type": "integer"
},
"mode": {
"description": "There can be at most one ACTIVE global manager and one STANDBY global manager. In order to add a STANDBY manager, there must be an ACTIVE manager defined.",
"enum": [
"ACTIVE",
"STANDBY"
],
"required": true,
"title": "Mode of the global manager",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "UUID of the site where Global manager is running. This is the Site Manager generated UUID for every NSX deployment.",
"readonly": true,
"title": "UUID of the site where Global manager is running",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager",
"type": "object"
}
GlobalManagerConfig (type)
{
"additionalProperties": false,
"description": "This configuration is distributed to all Sites participating in federation.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "GlobalManagerConfig",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rtep_config": {
"$ref": "GmRtepConfig",
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"required": false,
"title": "Global Manager federation RTEP configuration"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager configuration",
"type": "object"
}
GlobalManagerListRequestParameters (type)
{
"additionalProperties": false,
"description": "Site list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GlobalManagerListRequestParameters",
"module_id": "PolicySiteGM",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Site List Request Parameters",
"type": "object"
}
GlobalManagerListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Global Managers.",
"extends": {
"$ref": "ListResult"
},
"id": "GlobalManagerListResult",
"module_id": "PolicySiteGM",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Global Manager List Result.",
"items": {
"$ref": "GlobalManager"
},
"required": true,
"title": "Global Manager List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Global Managers",
"type": "object"
}
GlobalRestoreStatus (type)
{
"id": "GlobalRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "A description of the restore status",
"type": "string"
},
"value": {
"enum": [
"INITIAL",
"SUCCESS",
"FAILED",
"RUNNING",
"SUSPENDED_BY_USER",
"SUSPENDED_FOR_USER_ACTION",
"SUSPENDED",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Global rolled-up restore status value",
"type": "string"
}
},
"title": "Overall restore process status",
"type": "object"
}
GmFederationSiteConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation at Site.",
"id": "GmFederationSiteConfig",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"transit_subnet": {
"description": "IP Addresses to be allocated for transit segment when the gateway is stretched. Note that Global Manager will carve out the IP Pool for each site to be used for edge nodes when gateway is stretched based on the user provided subnet and maximum number of edge nodes allowed per site.",
"format": "ip-cidr-block",
"readlony": true,
"title": "Transit subnet in CIDR format",
"type": "string"
}
},
"title": "Federation configuration for the site",
"type": "object"
}
GmRtepConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"id": "GmRtepConfig",
"module_id": "PolicySiteGM",
"properties": {
"ibgp_password": {
"description": "Password to authenticate IBGP session between remote tunnel endpoints created on federated sites. This is applied to inter-site underlay IBGP neighbors created over remote tunnel endpoints on all sites. Empty string (\"\") clears existing password.",
"maxLength": 20,
"required": false,
"sensitive": true,
"title": "Password for IBGP sessions between federated sites",
"type": "secure_string"
}
},
"title": "Global Manager federation RTEP configuration",
"type": "object"
}
GracefulRestartConfig (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart configuration parameters",
"id": "GracefulRestartConfig",
"module_id": "Routing",
"properties": {
"graceful_restart_mode": {
"$ref": "GracefulRestartMode",
"default": "HELPER_ONLY",
"description": "BGP Graceful Restart mode",
"required": false,
"title": "Graceful Restart Mode"
},
"graceful_restart_timer": {
"$ref": "GracefulRestartTimer",
"description": "Graceful Restart timers configuration",
"required": false,
"title": "Graceful Restart Timer"
}
},
"title": "BGP Graceful Restart Configuration",
"type": "object"
}
GracefulRestartMode (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart modes. DISABLE Disables Graceful Restart capability. HELPER_ONLY Enables as Helper only in Graceful Restart mechanism. GR_AND_HELPER Enables Graceful Restart capability along with HELPER mode.",
"enum": [
"DISABLE",
"HELPER_ONLY",
"GR_AND_HELPER"
],
"id": "GracefulRestartMode",
"module_id": "Routing",
"type": "string"
}
GracefulRestartTimer (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart timers configuration",
"id": "GracefulRestartTimer",
"module_id": "Routing",
"properties": {
"restart_timer": {
"default": 180,
"description": "Maximum time BGP speaker will take for the BGP session to be re-established after a restart. Ranges from 1 sec to 3600 sec. This can be used to speed up routing convergence by its peer in case that the BGP speaker does not come back after a restart. If the session does not get re-established within the \"Restart Time\" that the Restarting Speaker advertised previously, the Receiving Speaker will delete all the stale routes from that peer.",
"maximum": 3600,
"minimum": 1,
"required": false,
"title": "Restart Timer",
"type": "integer"
},
"stale_timer": {
"default": 600,
"description": "Maximum time before stale routes are removed from the RIB when the local BGP process restarts. Ranges from 1 sec to 3600 sec.",
"maximum": 3600,
"minimum": 1,
"required": false,
"title": "Stale Timer",
"type": "integer"
}
},
"title": "BGP Graceful Restart Timer",
"type": "object"
}
GraphConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a graph widget",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "GraphConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GraphConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"axes": {
"$ref": "Axes",
"desription": "Represents the Axes of a graph. If axes is not specified, labels are not applied to the axes.",
"title": "Axes of a graph"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"display_x_value": {
"default": false,
"description": "If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis.",
"title": "Show or hide the value of a point on X axis",
"type": "boolean"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"graphs": {
"decription": "Array of graphs to be plotted on the Axes. If more than 1 graph needs to be shown on the same axes, each graph will be distinguished by its color and legend.",
"items": {
"$ref": "GraphDefinition"
},
"minItems": 1,
"required": true,
"title": "Graphs",
"type": "array"
},
"graphs_colors": {
"description": "An array of graphs colors which will be applied to each graph seperately. if number of provided colors are smaller than number of graph in the widget then colors are applied in circular manner.",
"items": {
"type": "string"
},
"title": "A colors for the graph",
"type": "array"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"line_chart_plot_configs": {
"description": "List of line chart plotting configuration. This plotting configuration will be applicable for the LINE_GRAPH only.",
"items": {
"$ref": "LineChartPlotConfiguration"
},
"required": false,
"title": "List of line chart plotting configuration",
"type": "array"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"sub_type": {
"default": "BAR_GRAPH",
"description": "Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart",
"enum": [
"LINE_GRAPH",
"BAR_GRAPH",
"STACKED_BAR_GRAPH"
],
"title": "Subtype of a graph",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"x_value_type": {
"default": "string",
"description": "x value type.",
"enum": [
"string",
"number",
"date",
"millisecond",
"second"
],
"required": false,
"title": "x value type",
"type": "string"
},
"y_value_type": {
"description": "y value type.",
"enum": [
"integer",
"double"
],
"required": false,
"title": "y value type",
"type": "string"
}
},
"title": "Graph Configuration",
"type": "object"
}
GraphDefinition (type)
{
"additionalProperties": false,
"description": "Defines a graph",
"id": "GraphDefinition",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"id": {
"description": "Identifier of graph. It can be used to differentiate multiple graph series present in GraphWidgetConfiguration.",
"title": "Identifier of graph",
"type": "string"
},
"label": {
"$ref": "Label",
"description": "Describes the graph. It labels the entities of graph. If the label is not provided then it is not shown for a graph. For example, for a single graph, the title of widget can describe the graph and a label may not be necessary to be shown.",
"title": "Label of a graph"
},
"point_definition": {
"$ref": "PointDefinition",
"description": "Defines the points of a graph.",
"required": true,
"title": "Definition for points of a graph"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration"
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"row_list_field": {
"description": "An expression that represents the series of the graph",
"required": false,
"title": "Expression for series of the graph",
"type": "string"
}
},
"title": "Definition of a graph",
"type": "object"
}
GreTunnel (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Tunnel"
},
"id": "GreTunnel",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnel"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_address": {
"$ref": "IPv4Address",
"description": "Destination IP address of P2P GRE Tunnel. The IP address that the NSX Edge will connect to.",
"required": true,
"title": "Destination IPv4 address"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable Tunnel",
"required": false,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"default": 1476,
"description": "Maximum transmission unit(MTU) in bytes specifies the size of the largest packet that a tunnel can transmit.",
"minimum": 64,
"required": false,
"title": "Maximum transmission unit",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Indicates Resource type of tunnel, GreTunnel - Resource type as GreTunnel will be used to configure P2P GRE Tunnel.",
"enum": [
"GreTunnel"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tunnel_address": {
"description": "Specify list of IP address per every edge node for tunnel interface. Supports both IPv4 and IPv6 address.",
"items": {
"$ref": "TunnelAddress"
},
"maxItems": 8,
"minItems": 1,
"required": true,
"title": "Tunnel Address object parameter",
"type": "array"
},
"tunnel_keepalive": {
"$ref": "TunnelKeepAlive",
"description": "GRE Tunnel's keepalive configuration",
"required": false,
"title": "tunnel keep alive object"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "GRE Tunnel",
"type": "object"
}
GreTunnelAggregateTrafficStatistics (type)
{
"description": "Provides the aggregated traffic statistics of a GRE tunnel across all edge transport nodes. It includes the following information: - GRE tunnel destination address. - Logical tunnel port ID. - Aggregated incoming packet counters on the tunnel across all transport nodes. It includes the total number of packets received, dropped, and the number of errors and failures causing the drops. The counters are from the time the tunnel was created. The tunnel statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. - Aggregated outcoming packet counters on the tunnel across all transport nodes. It includes the total number of packets sent, dropped, and the number of errors and failures causing the drops. The counters are from the time the tunnel was created. The tunnel statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node.",
"extends": {
"$ref": "AggregateTunnelTrafficStatistics"
},
"id": "GreTunnelAggregateTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"destination": {
"$ref": "IPAddress",
"description": "Tunnel destination address",
"readonly": true,
"title": "Tunnel destination address"
},
"resource_type": {
"description": "GreTunnelAggregateTrafficStatistics - Resource type as GreTunnelAggregateTrafficStatistics will be used to populate P2P GRE Aggregate Tunnel traffic statistics",
"enum": [
"GreTunnelAggregateTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
},
"traffic_summary": {
"$ref": "LogicalRouterPortStatisticsSummary",
"description": "Provides the aggregated traffic statistics of a GRE tunnel across all edge nodes. It includes GRE tunnel destination address, logical router port ID, incoming and outgoing packet counters for the tunnel port. The counts are from the time the logical router port was created. The packet counters will be reset on edge reboot or edge dataplane restart.",
"title": "GRE tunnel aggregate statistics"
},
"tunnel_policy_path": {
"description": "Policy path for the tunnel interface",
"title": "Policy path for the tunnel interface",
"type": "string"
}
},
"title": "Aggregate of GRE tunnel statistics",
"type": "object"
}
GreTunnelEndpointStatusPerEdgeNode (type)
{
"id": "GreTunnelEndpointStatusPerEdgeNode",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Edge node policy path",
"readonly": true,
"title": "edge path",
"type": "string"
},
"keepalive_ack": {
"description": "The keepalive_ack indicates Tunnel keepalive ACK is administratively enabled or disabled",
"enum": [
"KEEPALIVE_ACK_ENABLE",
"KEEPALIVE_ACK_DISABLE"
],
"readonly": true,
"title": "keep alive acknowledge",
"type": "string"
},
"keepalive_ack_sent_count": {
"description": "Total number of keepalive ack packets sent",
"readonly": true,
"title": "keep alive ack sent count",
"type": "integer"
},
"keepalive_admin_state": {
"description": "Tunnel Keepalive Admin State",
"enum": [
"ENABLED",
"DISABLED"
],
"readonly": true,
"title": "Tunnel Keepalive Admin State",
"type": "string"
},
"keepalive_dead_multiplier": {
"description": "Tunnel keepalive dead multiplier",
"readonly": true,
"title": "tunnel keep alive dead multiplier",
"type": "integer"
},
"keepalive_interval": {
"description": "Tunnel keepalive interval in seconds",
"readonly": true,
"title": "tunnel keep alive interval",
"type": "integer"
},
"keepalive_last_ack_time": {
"description": "Timestamp when the last keepalive ack sent",
"readonly": true,
"title": "keep alive last ack time",
"type": "integer"
},
"keepalive_last_rx_time": {
"description": "Timestamp when the last keepalive received",
"readonly": true,
"title": "keep alive last rx timestamp",
"type": "integer"
},
"keepalive_last_tx_time": {
"description": "Timestamp when the last keepalive sent",
"readonly": true,
"title": "keep alive last tx timestamp",
"type": "integer"
},
"keepalive_rx_count": {
"description": "Total number of keepalive packets received",
"readonly": true,
"title": "keep alive rx count",
"type": "integer"
},
"keepalive_status": {
"description": "The keepalive_status indicates Tunnel keepalive is administratively enabled or disabled",
"enum": [
"KEEPALIVE_STATUS_ENABLE",
"KEEPALIVE_STATUS_DISABLE"
],
"readonly": true,
"title": "keep alive status",
"type": "string"
},
"keepalive_tx_count": {
"description": "Total number of keepalive packets sent",
"readonly": true,
"title": "keep alive tx count",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated",
"readonly": true,
"title": "Epoch timestamp"
},
"runtime_status": {
"description": "Tunnel run time status",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "runtime status",
"type": "string"
},
"source": {
"$ref": "IPAddress",
"description": "Tunnel source address",
"readonly": true,
"title": "source"
},
"tunnel_down_count": {
"description": "Count of Tunnel run time status as \"DOWN\"",
"readonly": true,
"title": "tunnel down time count",
"type": "integer"
},
"tunnel_last_down_time": {
"description": "Timestamp when the tunnel status was last updated as \"DOWN\"",
"readonly": true,
"title": "tunnel last down time count",
"type": "integer"
},
"tunnel_last_up_time": {
"description": "Timestamp when the tunnel status was last updated as \"UP\"",
"readonly": true,
"title": "tunnel last up time count",
"type": "integer"
},
"tunnel_port_id": {
"description": "ID of the tunnel router port",
"readonly": true,
"title": "tunnel port id",
"type": "string"
},
"tunnel_up_count": {
"description": "Count of Tunnel run time status as \"UP\"",
"readonly": true,
"title": "tunnel up time count",
"type": "integer"
}
},
"type": "object"
}
GreTunnelStatus (type)
{
"extends": {
"$ref": "TunnelStatus"
},
"id": "GreTunnelStatus",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnelStatus"
},
"properties": {
"destination": {
"$ref": "IPAddress",
"description": "Tunnel destination address",
"readonly": true,
"title": "Tunnel destination address"
},
"endpoint_status_per_edge_node": {
"items": {
"$ref": "GreTunnelEndpointStatusPerEdgeNode"
},
"maxItems": 8,
"minItems": 1,
"readonly": true,
"type": "array"
},
"resource_type": {
"description": "Indicates Resource type of TunnelStatus, GreTunnelStatus - Resource type as GreTunnelStatus will be used to populate P2P GRE Tunnel status",
"enum": [
"GreTunnelStatus"
],
"required": true,
"title": "resource type",
"type": "string"
}
},
"type": "object"
}
GreTunnelTrafficStatistics (type)
{
"description": "Provides traffic statistics for a P2P GRE tunnel for all the edge transport nodes. It includes the following information: - Destination IP address of the tunnel. - Port ID and source address of the tunnel. - The subcluster ID of the logical tunnel port. - Transport node ID. - Incoming packet counters on the tunnel across all edge transport nodes. It includes the total number of packets received, dropped, and the number of errors and failures causing the drops. The counters are from the time the tunnel was created. The tunnel statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. - Outgoing packet counters on the tunnel across all edge transport nodes. It includes the total number of packets sent, dropped, and the number of errors and failures causing the drops. The counters are from the time the tunnel was created. The tunnel statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node.",
"extends": {
"$ref": "TunnelTrafficStatistics"
},
"id": "GreTunnelTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnelTrafficStatistics"
},
"properties": {
"destination": {
"$ref": "IPAddress",
"description": "GreTunnelTrafficStatistics - Resource type as GreTunnelTrafficStatistics will be used to populate P2P GRE Tunnel traffic statistics",
"readonly": true,
"title": "Indicates Resource type of tunnel"
},
"per_edge_node_statistics": {
"description": "Provides the incoming and outgoing packet counters of a P2P GRE tunnel for all transport nodes. The counts are from the time the tunnel port was created. Also includes details like tunnel port ID, source address, transport node ID and sub-cluster ID.",
"items": {
"$ref": "TunnelPortStatisticsPerNode"
},
"maxItems": 8,
"minItems": 1,
"readonly": true,
"title": "Per edge node statistics",
"type": "array"
},
"resource_type": {
"description": "GreTunnelTrafficStatistics - Resource type as GreTunnelTrafficStatistics will be used to populate P2P GRE Tunnel traffic statistics",
"enum": [
"GreTunnelTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
}
},
"title": "GRE tunnel statistics",
"type": "object"
}
GridConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Grid or Table widget.",
"extends": {
"$ref": "WidgetConfiguration"
},
"id": "GridConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GridConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"columns": {
"description": "Array of columns of a Grid widget",
"items": {
"$ref": "ColumnItem"
},
"required": true,
"title": "Columns",
"type": "array"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource"
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue"
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet",
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon"
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend",
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"page_size": {
"default": 30,
"description": "Number of records per page. page_size will be effective only when the urls provided in the datasource support paging.",
"title": "Page Size",
"type": "int"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration"
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"row_list_fields": {
"description": "Rows of grid or table are formed from the list of objects returned by a row list field.",
"items": {
"$ref": "RowListField"
},
"minItems": 1,
"required": true,
"title": "List of fields from which rows are formed",
"type": "array"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Grid Configuration",
"type": "object"
}
Group (type)
{
"additionalProperties": false,
"description": "Group.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "Group",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildDnsSecurityProfileBindingMap",
"ChildGroupDiscoveryProfileBindingMap",
"ChildGroupMonitoringProfileBindingMap",
"ChildPolicyFirewallFloodProtectionProfileBindingMap",
"ChildPolicyFirewallSessionTimerProfileBindingMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expression": {
"description": "The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed the defined Config Max limit for the form-factor of Manager nodes. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.",
"items": {
"$ref": "Expression"
},
"required": false,
"title": "Expression",
"type": "array"
},
"extended_expression": {
"description": "Extended Expression allows additional higher level context to be specified for grouping criteria. (e.g. user AD group) This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression. The extended expression list must follow below criteria: 1. Contains a single IdentityGroupExpression. No conjunction expression is supported. 2. No other non-conjunction expression is supported, except for IdentityGroupExpression. 3. Each expression must be a valid Expression. See the definition of the Expression type for more information. 4. Extended expression are implicitly AND with expression. 5. No nesting can be supported if this value is used. 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map.",
"items": {
"$ref": "Expression"
},
"maxItems": 1,
"required": false,
"title": "Extended Expression",
"type": "array"
},
"group_type": {
"description": "Group type can be specified during create and update of a group. Empty group type indicates a 'generic' group, ie group can include any entity from the valid GroupMemberType.",
"items": {
"$ref": "GroupTypes"
},
"maxItems": 1,
"required": false,
"title": "Indicates the group type.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"reference": {
"default": false,
"description": "If true, indicates that this is a remote reference group. Such group will have span different from the its parent domain. Default value is false.",
"readonly": true,
"title": "Indicates if the group is a reference.",
"type": "boolean"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"state": {
"enum": [
"IN_PROGRESS",
"SUCCESS",
"FAILURE"
],
"readonly": true,
"title": "Realization state of this group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group",
"type": "object"
}
GroupDeleteRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "DeleteRequestParameters"
},
"id": "GroupDeleteRequestParameters",
"module_id": "Policy",
"properties": {
"fail_if_subtree_exists": {
"default": false,
"description": "Check if the group sub-tree has any entities. These primarily include the binding maps that point to various profiles. If this flag is passed as true, the group delete fails if any binding maps exist in the group sub-tree. By default, this flag is false, which means that the group is deleted along with the group sub-tree.",
"title": "Do not delete if the group subtree has any entities",
"type": "boolean"
},
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Group delete request parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Group. With this entity, user can specify intent for applying discovery profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap"
},
"id": "GroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number group discovery profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Map for binding group with discovery profile",
"type": "object"
}
GroupDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GroupDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Discovery Profile Binding Map List Request Parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GroupDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupDiscoveryProfileBindingMap"
},
"requried": true,
"title": "Group Discovery Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Discovery Profile Binding Map",
"type": "object"
}
GroupInfo (type)
{
"description": "GroupInfo contains information about a particular Group used in Redirection Rules. It also contains information about policy path, if the group is created from Policy.",
"id": "GroupInfo",
"module_id": "PolicyServiceInsertion",
"properties": {
"group": {
"$ref": "ResourceReference",
"description": "Group Data.",
"readonly": true,
"required": false,
"title": "Group"
},
"group_policy_path": {
"description": "Policy path of a particular Group.",
"readonly": true,
"required": false,
"title": "Policy path of Group",
"type": "string"
}
},
"title": "GroupInfo",
"type": "object"
}
GroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GroupListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"member_types": {
"description": "Optionally, specify valid member types as request parameter to filter NSGroups.",
"required": false,
"title": "Comma Separated Member types",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group list request parameters",
"type": "object"
}
GroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GroupListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Group"
},
"required": true,
"title": "Group list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Groups",
"type": "object"
}
GroupMemberActionParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter to either add or remove the Group members.",
"id": "GroupMemberActionParameters",
"module_id": "Policy",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove the group members.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove group members.",
"type": "string"
}
},
"title": "Request Parameters for Group members",
"type": "object"
}
GroupMemberList (type)
{
"additionalProperties": false,
"description": "List of same type members to either add or remove from a group.",
"id": "GroupMemberList",
"module_id": "Policy",
"properties": {
"members": {
"description": "This array contains group members of similar types.",
"items": {
"type": "string"
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Groups members collection",
"type": "array"
}
},
"title": "Members to add or remove for a Group.",
"type": "object"
}
GroupMemberTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group for a particular member type",
"id": "GroupMemberTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"member_type": {
"required": true,
"title": "Member type for which we will list the tags",
"type": "string"
},
"tags": {
"items": {
"type": "string"
},
"required": true,
"title": "List of tags for the member type",
"type": "array"
}
},
"title": "Group tags list for a particular member type",
"type": "object"
}
GroupMemberType (type)
{
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"SegmentPort",
"Segment",
"CloudNativeServiceInstance",
"IPAddress",
"MACAddress",
"IPSet",
"IdentityGroup",
"PhysicalServer",
"Pod",
"Service",
"Namespace",
"Cluster",
"TransportNode",
"Group",
"DVPG",
"DVPort",
"KubernetesCluster",
"KubernetesNamespace",
"AntreaEgress",
"AntreaIPPool",
"KubernetesIngress",
"KubernetesGateway",
"KubernetesService",
"KubernetesNode",
"VpcSubnet",
"VpcSubnetPort",
"BareMetalServer",
"BareMetalServerInterface"
],
"id": "GroupMemberType",
"module_id": "Policy",
"title": "Valid Group member type",
"type": "string"
}
GroupMemberTypeListResult (type)
{
"additionalProperties": false,
"id": "GroupMemberTypeListResult",
"module_id": "Policy",
"properties": {
"result_count": {
"readonly": true,
"required": true,
"title": "Count of the member types in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMemberType"
},
"required": true,
"title": "Collection of member types for the given Group",
"type": "array"
}
},
"type": "object"
}
GroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Group. Using this entity, you can specify intent for applying monitoring profile to particular Group. Group with membership criteria vm only supported as source group. Port mirroring is only supported on group with five vms. For the IPFIX profile, Segment, Segment Port, VM, VIF, DVPORT, DVPG member types are supported in the group.",
"extends": {
"$ref": "MonitoringProfileBindingMap"
},
"id": "GroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_profile_path": {
"description": "PolicyPath of associated IPFIX DFW Profile",
"required": false,
"title": "IPFIX DFW Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_DFW_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXDFWProfile"
]
}
]
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXL2Profile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group Monitoring Profile binding map",
"type": "object"
}
GroupMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "GroupMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Monitoring Profile Binding Map list request parameters",
"type": "object"
}
GroupMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "GroupMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMonitoringProfileBindingMap"
},
"required": true,
"title": "Group Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Monitoring Profile Binding Maps",
"type": "object"
}
GroupScopeExpression (type)
{
"additionalProperties": false,
"description": "Represents scope of the workloads that needs to be added to the Group.",
"extends": {
"$ref": "Expression"
},
"id": "GroupScopeExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "GroupScopeExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"scope_path": {
"required": true,
"title": "Path of the scope",
"type": "string"
},
"scope_type": {
"enum": [
"PROJECT",
"VPC"
],
"required": true,
"title": "Scope type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Scope association expression node",
"type": "object"
}
GroupStatusListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "GroupStatusListRequestParameters",
"module_id": "Upgrade",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GroupTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group listed per member type",
"id": "GroupTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"results": {
"items": {
"$ref": "GroupMemberTagsList"
},
"required": true,
"title": "Collection of tags used in a policy group listed per member type",
"type": "array"
}
},
"title": "Group tags list listed per member type",
"type": "object"
}
GroupTypes (type)
{
"description": "ANTREA group type includes IPAddress, Pod, NameSpace and Service group member types.",
"enum": [
"IPAddress",
"ANTREA",
"BareMetalServer"
],
"id": "GroupTypes",
"module_id": "Policy",
"title": "Valid Group Types.",
"type": "string"
}
GroupedMigrationFeedbackRequest (type)
{
"additionalProperties": false,
"description": "Detailed feedback requests from the migration tool where user input is required.",
"id": "GroupedMigrationFeedbackRequest",
"module_id": "Migration",
"properties": {
"accepted_actions": {
"description": "List of acceptable actions for this feedback request.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Acceptable actions for this feedback request",
"type": "array"
},
"accepted_value_type": {
"description": "Data type of the items listed in acceptable values list.",
"readonly": true,
"required": true,
"title": "Data type of the items listed in acceptable values",
"type": "string"
},
"accepted_values": {
"description": "List of acceptable values for this feedback request.",
"items": {
"type": "string"
},
"required": false,
"title": "Acceptable values for this feedback request",
"type": "array"
},
"hash": {
"description": "Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.",
"readonly": true,
"required": false,
"title": "Identifier for a feedback request type",
"type": "string"
},
"message": {
"description": "Detailed feedback request with options.",
"readonly": true,
"required": true,
"title": "Content of feedback request",
"type": "string"
},
"multi_value": {
"description": "Indicates if multiple values can be selected as response from the list of acceptable value.",
"readonly": true,
"required": true,
"title": "Indicates if multiple values can be selected as response",
"type": "boolean"
},
"objects": {
"items": {
"$ref": "SummaryMigrationFeedbackRequest"
},
"readonly": false,
"required": true,
"title": "Collection of feedback requests of a given type",
"type": "array"
},
"resolved": {
"description": "Indicates if a valid response already exist for all feedback requests in this group.",
"readonly": true,
"required": false,
"title": "Indicates if all feedback requests in this group are resolved",
"type": "boolean"
},
"sub_vertical": {
"description": "Functional sub-area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional sub-area for the feedback query",
"type": "string"
},
"suggested_action": {
"description": "The suggested action to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested action for this feedback request",
"type": "string"
},
"suggested_value": {
"description": "The suggested value to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested value for this feedback request",
"type": "string"
},
"vertical": {
"description": "Functional area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional area for the feedback query",
"type": "string"
}
},
"title": "Grouped Feedback detail required for Migration",
"type": "object"
}
GroupedMigrationFeedbackRequestListResult (type)
{
"additionalProperties": false,
"description": "Groups of detailed feedback requests from the migration tool where user input is required.",
"extends": {
"$ref": "ListResult"
},
"id": "GroupedMigrationFeedbackRequestListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupedMigrationFeedbackRequest"
},
"readonly": false,
"required": true,
"title": "Paged Collection of groups of feedback requests",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "groups of feedback required for Migration",
"type": "object"
}
GuestInfo (type)
{
"additionalProperties": false,
"description": "Guest virtual machine details include OS name and computer name of guest VM.",
"id": "GuestInfo",
"module_id": "Inventory",
"properties": {
"computer_name": {
"description": "Computer name of guest virtual machine, which is set inside guest OS. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "Computer name",
"type": "string"
},
"os_name": {
"description": "OS name of guest virtual machine. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "OS name",
"type": "string"
}
},
"title": "Guest virtual machine details",
"type": "object"
}
HaInfo (type)
{
"id": "HaInfo",
"properties": {
"failover_mode": {
"description": "Logical router failover mode",
"enum": [
"PREEMPTIVE",
"NON-PREEMPTIVE"
],
"readonly": true,
"title": "Logical router failover mode",
"type": "string"
},
"ha_mode": {
"description": "Logical router HA mode",
"enum": [
"ACTIVE-STANDBY",
"ACTIVE-ACTIVE"
],
"readonly": true,
"title": "Logical router HA mode",
"type": "string"
},
"ha_state": {
"description": "Logical router HA state DOWN - Logical router is not in good health SYNC - Logical router is synchronizing data from peer logical router STANDBY - Logical router is available to go Active ACTIVE - Logical router is forwarding traffic",
"enum": [
"DOWN",
"SYNC",
"STANDBY",
"ACTIVE"
],
"readonly": true,
"title": "Logical router HA state",
"type": "string"
},
"rank": {
"description": "Rank of logical router",
"readonly": true,
"title": "Rank of logical router",
"type": "integer"
},
"state-history": {
"$ref": "LogicalRouterHaHistory",
"description": "Logical router high-availability history",
"readonly": true,
"title": "Logical router high-availability history"
}
},
"type": "object"
}
HaVipConfig (type)
{
"additionalProperties": false,
"id": "HaVipConfig",
"module_id": "LogicalRouter",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this ha vip config.",
"type": "boolean"
},
"ha_vip_subnets": {
"description": "Array of IP address subnets which will be used as floating IP addresses. | Note - this configuration is applicable only for Active-Standby LogicalRouter. | For Active-Active LogicalRouter this configuration will be rejected.",
"items": {
"$ref": "VIPSubnet"
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "Floating IP address subnets",
"type": "array"
},
"redundant_uplink_port_ids": {
"description": "Identifiers of logical router uplink ports which are to be paired to provide | redundancy. Floating IP will be owned by one of these uplink ports (depending upon | which node is Active).",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 2,
"required": true,
"title": "Identifiers of uplink ports for providing redundancy",
"type": "array"
}
},
"type": "object"
}
Header (type)
{
"additionalProperties": false,
"description": "Header of a widget that provides additional information. This will be shown at the container level. It includes details as label value pairs.",
"id": "Header",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the header will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"content_alignment": {
"default": "RIGHT",
"description": "Alignment of header labels.",
"enum": [
"LEFT",
"RIGHT"
],
"title": "alignment for labelvalue pair",
"type": "string"
},
"sub_header_widgets": {
"description": "An array of widgets which will appear inside the container header Instead of 'sub_headers' property use this property.",
"items": {
"$ref": "WidgetItem"
},
"minItems": 0,
"title": "An array of widgets inside the container header",
"type": "array"
},
"sub_headers": {
"deprecated": true,
"description": "An array of label-value properties. This field is deprecated instead used 'sub_header_widgets' property to define header widgets.",
"items": {
"$ref": "PropertyItem"
},
"minItems": 0,
"title": "Rows",
"type": "array"
}
},
"title": "Widget Header",
"type": "object"
}
HealthCheckResult (type)
{
"description": "Result of health check.",
"id": "HealthCheckResult",
"module_id": "HealthCheck",
"properties": {
"results_per_transport_node": {
"description": "List of health check results on specific transport node.",
"items": {
"$ref": "HealthCheckResultPerTransportNode"
},
"readonly": true,
"required": false,
"title": "Health Check Results Per Transport Node",
"type": "array"
},
"updated_time": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp of check result updated.",
"readonly": true
},
"vlan_mtu_status": {
"$ref": "VlanMtuHealthCheckResultStatus",
"description": "Overall status of VLAN-MTU health check result.",
"readonly": true
}
},
"title": "Health Check Result",
"type": "object"
}
HealthCheckResultOnHostSwitch (type)
{
"description": "Health check result on specific host switch of specific transport node.",
"id": "HealthCheckResultOnHostSwitch",
"module_id": "HealthCheck",
"properties": {
"host_switch_name": {
"description": "Name of the host switch.",
"readonly": true,
"title": "Host Switch Name",
"type": "string"
},
"results_per_uplink": {
"description": "List of health check results per uplink on current host switch of specific transport node.",
"items": {
"$ref": "HealthCheckResultPerUplink"
},
"readonly": true,
"required": false,
"title": "Health Check Results Per uplink",
"type": "array"
},
"updated_time": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp of check result updated.",
"readonly": true
},
"vlan_mtu_status": {
"$ref": "VlanMtuHealthCheckResultStatus",
"description": "Status of VLAN-MTU health check result on host switch.",
"readonly": true
}
},
"title": "Health Check Result On Host Switch",
"type": "object"
}
HealthCheckResultPerTransportNode (type)
{
"description": "Health check result on specific transport node",
"id": "HealthCheckResultPerTransportNode",
"module_id": "HealthCheck",
"properties": {
"result_on_host_switch": {
"$ref": "HealthCheckResultOnHostSwitch",
"readonly": true
},
"transport_node_id": {
"description": "ID of the Transport Node.",
"readonly": true,
"title": "Transport Node ID",
"type": "string"
}
},
"title": "Health Check Result Per Transport Node",
"type": "object"
}
HealthCheckResultPerUplink (type)
{
"description": "Health check result for specific uplink.",
"id": "HealthCheckResultPerUplink",
"module_id": "HealthCheck",
"properties": {
"mtu_disallowed": {
"description": "List of VLAN ID ranges which are allowed by VLAN settings but may be disallowed by MTU settings.",
"items": {
"$ref": "HealthCheckVlanRange"
},
"readonly": true,
"required": false,
"title": "MTU Disallowed",
"type": "array"
},
"uplink_name": {
"description": "Name of the uplink.",
"readonly": true,
"title": "Uplink Name",
"type": "string"
},
"vlan_and_mtu_allowed": {
"description": "List of VLAN ID ranges which are allowed by VLAN and MTU settings.",
"items": {
"$ref": "HealthCheckVlanRange"
},
"readonly": true,
"required": false,
"title": "VLAN and MTU Allowed",
"type": "array"
},
"vlan_disallowed": {
"description": "List of VLAN ID ranges which may be disallowed by VLAN settings.",
"items": {
"$ref": "HealthCheckVlanRange"
},
"readonly": true,
"required": false,
"title": "VLAN Disallowed",
"type": "array"
}
},
"title": "Health Check Result Per Uplink",
"type": "object"
}
HealthCheckSpecVlans (type)
{
"description": "HealthCheckSpecVlan is used for specifying VLAN ID ranges for healthcheck.",
"id": "HealthCheckSpecVlans",
"module_id": "HealthCheck",
"properties": {
"vlan_ranges": {
"items": {
"$ref": "HealthCheckVlanRange"
},
"minItems": 1,
"required": true,
"title": "VLAN ID ranges",
"type": "array"
}
},
"title": "VLAN Range Specification",
"type": "object"
}
HealthCheckTransportZoneRequest (type)
{
"additionalProperties": false,
"description": "Health check requested by a specific transport zone.",
"id": "HealthCheckTransportZoneRequest",
"module_id": "PolicyHealthCheck",
"properties": {
"transport_zone_path": {
"description": "Policy path of the transport zone where this automatic health check is performed.",
"required": false,
"title": "Policy path of the transport zone.",
"type": "string"
}
},
"title": "Health check request per transport zone",
"type": "object"
}
HealthCheckVlanRange (type)
{
"id": "HealthCheckVlanRange",
"module_id": "HealthCheck",
"properties": {
"end": {
"$ref": "VlanID",
"required": true
},
"start": {
"$ref": "VlanID",
"required": true
}
},
"title": "VLAN ID range",
"type": "object"
}
HeatMapTransportNodesAggregateStatus (type)
{
"additionalProperties": false,
"id": "HeatMapTransportNodesAggregateStatus",
"module_id": "Heatmap",
"properties": {
"degraded_count": {
"description": "Number of transport zones that are degraded.",
"title": "Degraded count",
"type": "int"
},
"down_count": {
"description": "Number of transport zones that are down.",
"title": "Down count",
"type": "int"
},
"unknown_count": {
"description": "Number of transport zones with unknown status.",
"title": "Unknown count",
"type": "int"
},
"unused_count": {
"description": "Number of transport zones with unused status.",
"title": "Unused count",
"type": "int"
},
"up_count": {
"description": "Number of transport zones that are up.",
"title": "Up count",
"type": "int"
}
},
"type": "object"
}
HeatMapTransportZoneStatus (type)
{
"additionalProperties": false,
"id": "HeatMapTransportZoneStatus",
"module_id": "Heatmap",
"properties": {
"degraded_count": {
"title": "Number of transport nodes that are degraded",
"type": "int"
},
"down_count": {
"title": "Number of transport nodes that are down",
"type": "int"
},
"unknown_count": {
"title": "Number of transport nodes with unknown status",
"type": "int"
},
"up_count": {
"title": "Number of transport nodes that are up",
"type": "int"
}
},
"type": "object"
}
HighPerformanceConfig (type)
{
"abstract": true,
"id": "HighPerformanceConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "high_performance_config_type"
},
"properties": {
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams"
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "Configuration supported to configure high performance.",
"type": "object"
}
HighPerformanceConfigParams (type)
{
"id": "HighPerformanceConfigParams",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"properties": {
"key": {
"required": true,
"title": "Key used to configure high performance.",
"type": "string"
},
"value": {
"required": true,
"title": "Value corresponding to the key.",
"type": "string"
}
},
"title": "Configuration parameters required to configure high performance.",
"type": "object"
}
HostInfraTrafficType (type) (Deprecated)
{
"deprecated": true,
"description": "The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned.",
"id": "HostInfraTrafficType",
"module_id": "NiocProfile",
"nsx_feature": "Nioc",
"properties": {
"dynamic_res_pool_name": {
"required": false,
"title": "Dynamic resource pool traffic name",
"type": "string"
},
"traffic_name": {
"enum": [
"FAULT_TOLERANCE",
"HBR",
"ISCSI",
"MANAGEMENT",
"NFS",
"VDP",
"VIRTUAL_MACHINE",
"VMOTION",
"VSAN"
],
"required": false,
"title": "Traffic types",
"type": "string"
}
},
"title": "Enumerate all types of traffic",
"type": "object"
}
HostKeyAlgorithms (type)
{
"enum": [
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521",
"ssh-dss",
"ssh-ed25519",
"ssh-rsa"
],
"id": "HostKeyAlgorithms",
"title": "SSH key type",
"type": "string"
}
HostMovementSpec (type)
{
"id": "HostMovementSpec",
"module_id": "SubCluster",
"properties": {
"destination": {
"description": "This is the policy path of destination sub-cluster to which hosts will be moved to. If this value is null, then we assume the host is moved into the cluster.",
"title": "Destination sub-cluster of hosts",
"type": "string"
},
"discovered_node_ids": {
"description": "Discovered node IDs to be moved.",
"items": {
"type": "string"
},
"required": true,
"title": "Discovered node IDs",
"type": "array"
},
"source": {
"description": "This is the policy path of source sub-cluster from which hosts are moved out",
"required": true,
"title": "Source sub-cluster of hosts",
"type": "string"
}
},
"title": "Fields required for host movement across sub-clusters",
"type": "object"
}
HostNode (type)
{
"additionalProperties": false,
"description": "Host node",
"extends": {
"$ref": "Node"
},
"id": "HostNode",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"type-identifier": "HostNode"
},
"properties": {
"compute_collection_id": {
"description": "Id of the compute collection to which discovered node belongs.",
"readonly": true,
"required": false,
"title": "Compute collection id",
"type": "string"
},
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress"
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"discovered_node_id": {
"description": "Id of discovered node which was converted to create this node",
"readonly": true,
"required": false,
"title": "Discovered node id",
"type": "string"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu": {
"description": "Specify list of DPU information.",
"items": {
"$ref": "DpuInfo"
},
"readonly": true,
"required": false,
"title": "List of DPU information",
"type": "array"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"host_credential": {
"$ref": "HostNodeLoginCredential",
"description": "Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node.",
"required": false,
"title": "Host login credentials"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress"
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"maintenance_mode_state": {
"description": "Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress.",
"enum": [
"OFF",
"ENTERING",
"ON"
],
"readonly": true,
"required": false,
"title": "Maintenance mode state",
"type": "string"
},
"managed_by_server": {
"description": "The id of the vCenter server managing the ESXi type HostNode",
"readonly": true,
"required": false,
"title": "Id of vCenter server managing the HostNode",
"type": "string"
},
"os_type": {
"description": "Hypervisor type, for example ESXi",
"enum": [
"ESXI",
"RHELSERVER",
"WINDOWSSERVER",
"RHELCONTAINER",
"UBUNTUSERVER",
"HYPERV",
"CENTOSSERVER",
"CENTOSCONTAINER",
"SLESSERVER",
"OELSERVER"
],
"required": true,
"title": "Hypervisor OS type",
"type": "string"
},
"os_version": {
"description": "Version of the hypervisor operating system",
"required": false,
"title": "Hypervisor OS version",
"type": "string"
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"windows_install_location": {
"description": "Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\\Program Files\\VMware\\NSX\\.",
"required": false,
"title": "Install location of Windows Server on baremetal being managed by NSX",
"type": "string"
}
},
"title": "Host node",
"type": "object"
}
HostNodeLoginCredential (type)
{
"additionalProperties": false,
"id": "HostNodeLoginCredential",
"module_id": "FabricNode",
"properties": {
"password": {
"required": false,
"sensitive": true,
"title": "The authentication password of the host node",
"type": "secure_string"
},
"thumbprint": {
"description": "For ESXi hosts, the thumbprint of the ESXi management service. For KVM hosts, the SSH key fingerprint. If thumbprint is not provided then connection to host may not be established and API call will fail.",
"required": false,
"title": "ESXi thumbprint or SSH key fingerprint of the host node",
"type": "string"
},
"username": {
"required": false,
"title": "The username of the account on the host node",
"type": "string"
}
},
"title": "The credentials to login into the host node",
"type": "object"
}
HostNodeStatus (type)
{
"id": "HostNodeStatus",
"module_id": "ComputeCollectionDeployment",
"properties": {
"config_status": {
"description": "Gives details of state of desired configuration. This property is available only if Tranport Node exists for the host. Following are the supported values pending - Transport Node configuration status is pending in_progress - Transport Node configuration status is in progress success - Transport Node configuration status is successful failed - Transport Node configuration status is failed partial_success - Transport Node configuration status is partial success orphaned - Transport Node configuration status is orphaned unknown - Transport Node configuration status is unknown error - Error occured during Transport Node configuration",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error"
],
"readonly": true,
"required": false,
"title": "Configuration status of host node",
"type": "string"
},
"deployment_status": {
"description": "This specifies the current nsx install status for host node. Following are the supported values INSTALL_IN_PROGRESS - NSX installation is in progress on the host INSTALL_FAILED - NSX installation failed on the host INSTALL_SUCCESSFUL - NSX installation successful on the host UNINSTALL_IN_PROGRESS - NSX uninstallation in progress on the host UNINSTALL_FAILED - NSX uninstallation failed on the host UNINSTALL_SUCCESSFUL - NSX uninstallation successful on the host UNINSTALL_SCHEDULED - NSX uninstallation is scheduled on the host UPGRADE_IN_PROGRESS - NSX upgrade is in progress on the host UPGRADE_FAILED - NSX upgrade failed on the host DEPLOYMENT_QUEUED - Deployment is queued on the DEPLOYMENT_IN_PROGRESS - Deployment is in progress DEPLOYMENT_FAILED - Deployment is failed DEPLOYMENT_SUCCESSFUL - Deployment is successful UNDEPLOYMENT_QUEUED - Undeployment is queued UNDEPLOYMENT_IN_PROGRESS - Undeployment is in progress UNDEPLOYMENT_FAILED - Undeployment failed UNDEPLOYMENT_SUCCESSFUL - Undeployment is successful UPGRADE_QUEUED - Upgrade is queued HOST_DISCONNECTED - Host is disconnected POWERED_OFF - Host is powered off",
"enum": [
"INSTALL_IN_PROGRESS",
"INSTALL_FAILED",
"INSTALL_SUCCESSFUL",
"UNINSTALL_IN_PROGRESS",
"UNINSTALL_FAILED",
"UNINSTALL_SUCCESSFUL",
"UNINSTALL_SCHEDULED",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"DEPLOYMENT_QUEUED",
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_QUEUED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_QUEUED",
"HOST_DISCONNECTED",
"POWERED_OFF"
],
"readonly": true,
"title": "Deployment progress status of host node",
"type": "string"
},
"node_id": {
"readonly": true,
"title": "Unique Id of the host node",
"type": "string"
}
},
"title": "Host Node Status",
"type": "object"
}
HostNodeStatusListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "HostNodeStatusListResult",
"module_id": "ComputeCollectionDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostNodeStatus"
},
"readonly": true,
"required": false,
"title": "HostNodeStatus Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HostNodeStatus queries result",
"type": "object"
}
HostSwitchConfigOption (type)
{
"id": "HostSwitchConfigOption",
"module_id": "TransportNode",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_id": {
"description": "This field is writable only in case of VDS type HostSwitch and system generated for NVDS type. For VDS type host switch, This field is used to lookup a VDS from corresponding Compute Manager and then can be configured for logical networking. For NVDS type host switch, This field is system generated and if provided will be overwritten.",
"required": false,
"title": "The host switch id. This ID will be used to reference a host switch.",
"type": "string"
},
"host_switch_profile_ids": {
"description": "Host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch. If transport node is created using Policy APIs, use policyPaths instead of UUIDs.",
"items": {
"$ref": "HostSwitchProfileTypeIdEntry"
},
"required": false,
"title": "Identifiers of host switch profiles to be associated with this host switch.",
"type": "array"
},
"ip_assignment_spec": {
"$ref": "IpAssignmentSpec",
"description": "IPs can come from either a static IP pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"readonly": false,
"required": false,
"title": "Specification for IPs to be used with host switch virtual tunnel endpoints"
},
"ipv6_assignment_spec": {
"$ref": "Ipv6AssignmentSpec",
"description": "IPs can come from either a static IPv6 pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"nsx_feature": "L2Ipv6",
"readonly": false,
"required": false,
"title": "Specification for IPv6 IPs to be used with host switch virtual tunnel endpoints"
},
"uplinks": {
"description": "If VDS is used as a HostSwitch this attribute must be specified. You can associate uplinks from UplinkHostSwitchProfile to either VDS uplink or LAG. VDS uplink or LAG will inherit the global VDS level teaming policy from vSphere. NSX managed uplink or LAG will have NSX teaming policy configured through UplinkHostSwitchProfile.",
"items": {
"$ref": "VdsUplink"
},
"required": false,
"title": "Uplink/LAG of VMware vSphere Distributed Switch connected to the HostSwitch",
"type": "array"
}
},
"title": "Host Switch configuration option specification",
"type": "object"
}
HostSwitchConfigSource (type)
{
"description": "This object contains references to transport node profile sub configurations that will be used to generate overridden host switch configuration.Such overridden configuration can be applied to a sub-cluster defined within vSphere managed cluster.",
"id": "HostSwitchConfigSource",
"module_id": "HostTransportNodeCollection",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_id": {
"required": true,
"title": "HostSwitch Id",
"type": "string"
},
"transport_node_profile_sub_config_name": {
"required": true,
"title": "Name of the TransportNodeProfile sub configuration to be used.",
"type": "string"
}
},
"title": "Overridden HostSwitch Configuration",
"type": "object"
}
HostSwitchInfo (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchInfo",
"module_id": "TransportZone",
"nsx_feature": "NsxtOnVds",
"properties": {
"host_switch_id": {
"readonly": true,
"required": true,
"title": "Unique ID of a host switch",
"type": "string"
},
"host_switch_mode": {
"enum": [
"STANDARD",
"ENS",
"ENS_INTERRUPT",
"LEGACY"
],
"readonly": true,
"required": true,
"title": "Mode of host switch",
"type": "string"
},
"host_switch_name": {
"readonly": true,
"required": true,
"title": "Name of a host switch",
"type": "string"
},
"host_switch_type": {
"enum": [
"NVDS",
"VDS"
],
"readonly": true,
"required": true,
"title": "Type of a host switch",
"type": "string"
}
},
"title": "Information of host switch participating in transport zone",
"type": "object"
}
HostSwitchProfileListParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "HostSwitchProfileListParameters",
"module_id": "BaseHostSwitchProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deployment_type": {
"$ref": "EdgeDeploymentType",
"description": "If the node_type is specified, then deployment_type may be specified to filter uplink profiles applicable to only PHYSICAL_MACHINE or VIRTUAL_MACHINE deployments of these nodes.",
"required": false,
"title": "Deployment type of EdgeNode or PublicCloudGatewayNode"
},
"hostswitch_profile_type": {
"$ref": "HostSwitchProfileType",
"required": false,
"title": "Type of host switch profile"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_type": {
"description": "The fabric node type is the resource_type of the Node such as EdgeNode and PublicCloudGatewayNode. If a fabric node type is given, uplink profiles that apply for nodes of the given type will be returned.",
"enum": [
"EdgeNode",
"PublicCloudGatewayNode"
],
"required": false,
"title": "Fabric node type for which uplink profiles are to be listed",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.",
"required": false,
"title": "The host switch profile's uplink teaming policy name",
"type": "string"
}
},
"title": "HostSwitchProfile List Parameters",
"type": "object"
}
HostSwitchProfileType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"UplinkHostSwitchProfile",
"LldpHostSwitchProfile",
"NiocProfile",
"ExtraConfigHostSwitchProfile",
"VtepHAHostSwitchProfile",
"HighPerformanceHostSwitchProfile"
],
"id": "HostSwitchProfileType",
"module_id": "BaseHostSwitchProfile",
"title": "Supported HostSwitch profiles.",
"type": "string"
}
HostSwitchProfileTypeIdEntry (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchProfileTypeIdEntry",
"module_id": "BaseHostSwitchProfile",
"properties": {
"key": {
"$ref": "HostSwitchProfileType"
},
"value": {
"description": "key value",
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
HostSwitchProfilesListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult"
},
"id": "HostSwitchProfilesListResult",
"module_id": "BaseHostSwitchProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BaseHostSwitchProfile"
},
"readonly": true,
"required": false,
"title": "HostSwitch Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HostSwitch Profile queries result",
"type": "object"
}
HostSwitchSpec (type)
{
"abstract": true,
"description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications.",
"id": "HostSwitchSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StandardHostSwitchSpec",
"PreconfiguredHostSwitchSpec"
],
"required": true,
"type": "string"
}
},
"title": "Abstract base type for transport node host switch specification",
"type": "object"
}
HostSwitchState (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchState",
"module_id": "TransportNode",
"properties": {
"endpoints": {
"items": {
"$ref": "Endpoint"
},
"readonly": true,
"title": "List of virtual tunnel endpoints which are configured on this switch",
"type": "array"
},
"host_switch_id": {
"readonly": true,
"title": "External ID of the HostSwitch",
"type": "string"
},
"host_switch_name": {
"description": "The name must be unique among all host switches specified in a given Transport Node.",
"readonly": true,
"title": "HostSwitch name. This name will be used to reference this HostSwitch.",
"type": "string"
},
"host_switch_type": {
"default": "NVDS",
"description": "VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX.",
"enum": [
"NVDS",
"VDS"
],
"nsx_feature": "NsxtOnVds",
"required": false,
"title": "Type of HostSwitch",
"type": "string"
},
"transport_zone_ids": {
"items": {
"type": "string"
},
"readonly": true,
"title": "List of Ids of TransportZones this HostSwitch belongs to",
"type": "array"
}
},
"title": "Host Switch State",
"type": "object"
}
HostTransportNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "HostTransportNode",
"module_id": "PolicyHostTransportNode",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_node_id_for_create": {
"description": "Specify discovered node id to create Host Transport Node for Discovered Node. This field is required during Host Transport Node create from vCenter server managing the ESXi type HostNode. No need to provide node_deployment_info while creating Host Transport Node for Discovered Node. If both node_deployment_info and discovered_node_id_for_create provided during Host TransportNode create payload then it will create Host Transport Node from the discovered node id provided in this field.",
"readonly": false,
"required": false,
"title": "Discovered node id to create Host Transport Node",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_switch_spec": {
"$ref": "HostSwitchSpec",
"description": "This property is used to either create standard host switches or to inform NSX about preconfigured host switches that already exist on the transport node. Pass an array of either StandardHostSwitchSpec objects or PreconfiguredHostSwitchSpec objects. It is an error to pass an array containing different types of HostSwitchSpec objects.",
"required": false,
"title": "Transport node host switch specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_overridden": {
"description": "This flag is relevant to only those hosts which are part of a compute collection which has transport node profile (TNP) applied on it. If through any update, the transport node configuration is found to be different than TNP configuration, then this field is set to true. If through any update, the transport node configuration is found to be same as TNP configuration, then this field is set to false. Updates here include all kinds of updates to the TNP, updates to transport node collection (TNC) or updates to transport node (TN)",
"readonly": true,
"required": false,
"title": "Indicates if config is different than compute collection.",
"type": "boolean"
},
"maintenance_mode": {
"description": "The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call.",
"enum": [
"ENABLED",
"FORCE_ENABLED",
"DISABLED"
],
"readonly": true,
"title": "transport node maintenance mode desired state",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_deployment_info": {
"$ref": "FabricHostNode",
"required": false
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Transport Node",
"type": "object"
}
HostTransportNodeCollection (type)
{
"description": "Entity to indicate relation between Compute collection and Transport node template.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "HostTransportNodeCollection",
"module_id": "HostTransportNodeCollection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compute_collection_id": {
"required": true,
"title": "Compute collection id",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_nsx_on_dvpg": {
"description": "If this is set to true, NSX on DVPG will be enabled on the Transport Node Collection. DVPGs and ports will be detected to create Discovered Segments and Discovered Ports. If this flag is set from true to false, all Discovered Segments and Discovered Ports will be removed from NSX and NSX configuration will be removed from DVPortgroups on DVS DVPGs. If this is changed from false to true, NSX will begin creating all applicable Discovered Segments and Discovered Ports. This field is ignored if used with the API to Configure Transport Node Collection for Security, i.e., POST /infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-node-collections/<transport-node-collection-id>?action=install_for_microseg. The API will always treat this field as set to true.",
"nsx_feature": "HybridHostSwitchMode",
"required": false,
"title": "Enable NSX on DVPG",
"type": "boolean"
},
"has_nvds": {
"deprecated": true,
"required": false,
"title": "Flag indicating if applied profile has NVDS",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"migration_to_lag": {
"description": "LACP migration config contains information that will be used to move the PNICs specified in this config to LAG uplink. The config is provided by SDDC Manager in use cases where lag is chosen as active uplink for management VMs on VCF. It moves the PNICs over to LAG ports without loss of network connectivity. This config is meant to be used only by VCF or SDDC manager workflows.",
"items": {
"$ref": "LacpMigrationConfig"
},
"maxItems": 8,
"minItems": 0,
"nsx_feature": "LacpOnVcf",
"readonly": false,
"required": false,
"title": "List of LACP migration config for each DVS.",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_cluster_config": {
"items": {
"$ref": "SubClusterConfig"
},
"nsx_feature": "HostSwitchSubset",
"required": false,
"title": "List of sub-cluster configuration",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_node_profile_id": {
"required": false,
"title": "Transport Node Profile Path",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Compute collection transport node template",
"type": "object"
}
HostTransportNodeCollectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "HostTransportNodeCollectionListResult",
"module_id": "HostTransportNodeCollection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostTransportNodeCollection"
},
"readonly": true,
"title": "Transport Node collection results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport Node collections list result",
"type": "object"
}
HostTransportNodeListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters"
},
"id": "HostTransportNodeListParameters",
"module_id": "PolicyHostTransportNode",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_node_id": {
"description": "This property can be used by itself or along with 'transport_zone_path'. This applies only to vCenter Managed hosts. For Unmanaged hosts use node_ip instead. These hosts are discovered by Nsx manager after adding a vCenter as Compute Manager. Refer to fabric discovered-nodes api to get discoverednode_id. eg. 6ab2278f-951d-471b-8d0f-510c825945f1:host-14",
"required": false,
"title": "discovered node id",
"type": "string"
},
"in_maintenance_mode": {
"description": "If the flag is true, transport node with 'ENABLED' or 'FORCE_ENABLED' desired state will be returned, otherwise transport nodes in 'DISABLED' will be returned.",
"required": false,
"title": "maintenance mode flag",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_ip": {
"description": "This property can only be used alone. It can not be combined with other filtering properties. If the ESX host has both IPv4 and IPv6 addresses, and the NSX Manager has both IPv4 and IPv6 addresses, then this filter will work only on the IPv6 address of the ESX host. In all other cases, this filter will work only on the IPv4 address of ESX host.",
"required": false,
"title": "Transport node IP address",
"type": "string"
},
"node_types": {
"description": "Specify types from [HostNode, EdgeNode, PublicCloudGatewayNode]. If a list of node types is given, all transport nodes of given types will be returned.",
"required": false,
"title": "a list of node types separated by comma or a single type",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"transport_zone_path": {
"description": "This property can be used along with 'node_id'. Valid Policy Tz path should be given, eg. /infra/sites/default/enforcement-points/default/transport-zones/web-tz1",
"required": false,
"title": "Transport zone path",
"type": "string"
}
},
"title": "Host Transport Node list parameters",
"type": "object"
}
HostTransportNodeListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "HostTransportNodeListResult",
"module_id": "PolicyHostTransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostTransportNode"
},
"readonly": true,
"required": false,
"title": "Host TransportNode Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Host Transport Node queries result",
"type": "object"
}
HostUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus"
},
"id": "HostUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList",
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus",
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of host upgrade",
"type": "object"
}
HostUplink (type)
{
"id": "HostUplink",
"module_id": "ObservabilityCounters",
"properties": {
"num_pnics": {
"description": "Number of PNICs in the host.",
"required": false,
"type": "int"
},
"rx_error_total": {
"description": "Total RX drop (including errors) reported by the driver.",
"required": false,
"type": "integer"
},
"rx_missed": {
"description": "RX missed reported by the driver.",
"required": false,
"type": "integer"
},
"rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
HostVnic (type)
{
"id": "HostVnic",
"module_id": "ObservabilityCounters",
"properties": {
"num_vnics": {
"description": "Number of VNICs in the host.",
"required": false,
"type": "int"
},
"rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
HostedEntityInfo (type)
{
"id": "HostedEntityInfo",
"module_id": "ClusterManagement",
"properties": {
"entity_type": {
"description": "The type of entity hosted could be MP, CCP, VMC App etc.",
"readonly": true,
"required": true,
"title": "Type of entity",
"type": "string"
},
"entity_uuid": {
"readonly": true,
"required": true,
"title": "Unique identifier of entity",
"type": "string"
}
},
"type": "object"
}
HostnameOrIPAddress (type)
{
"format": "hostname-or-ip",
"id": "HostnameOrIPAddress",
"module_id": "Common",
"title": "Hostname or IPv4 or IPv6 address",
"type": "string"
}
HostnameOrIPv46Address (type)
{
"id": "HostnameOrIPv46Address",
"maxLength": 255,
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Hostname or IPv4 or IPv6 address",
"type": "string"
}
HostnameOrIPv4Address (type)
{
"format": "hostname-or-ipv4",
"id": "HostnameOrIPv4Address",
"module_id": "Common",
"title": "Hostname or IPv4 address",
"type": "string"
}
HostnameOrIPv4AddressOrEmptyString (type)
{
"id": "HostnameOrIPv4AddressOrEmptyString",
"maxLength": 255,
"module_id": "Common",
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^$",
"title": "Hostname or IPv4 address",
"type": "string"
}
HttpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol"
},
"id": "HttpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "http"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme",
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
}
},
"type": "object"
}
HttpRequestMethodType (type)
{
"additionalProperties": false,
"enum": [
"GET",
"OPTIONS",
"POST",
"HEAD",
"PUT"
],
"id": "HttpRequestMethodType",
"module_id": "LoadBalancer",
"title": "http monitor method",
"type": "string"
}
HttpRequestVersionType (type)
{
"additionalProperties": false,
"enum": [
"HTTP_VERSION_1_0",
"HTTP_VERSION_1_1"
],
"id": "HttpRequestVersionType",
"module_id": "LoadBalancer",
"title": "http request version",
"type": "string"
}
HttpServiceProperties (type)
{
"additionalProperties": false,
"id": "HttpServiceProperties",
"properties": {
"basic_authentication_enabled": {
"default": true,
"deprecated": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"certificate": {
"$ref": "Certificate",
"deprecated": true,
"readonly": true,
"required": true
},
"cipher_suites": {
"deprecated": true,
"items": {
"$ref": "CipherSuite"
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"deprecated": true,
"description": "A per-client concurrency limit. This is the maximum number of outstanding requests that a client can have. For example, a client can open multiple connections to NSX and submit operations on each connection. When this limit is exceeded, the server returns a 503 Service Unavailable error to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API concurrency limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"deprecated": true,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"deprecated": true,
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout, set to 0 to configure no timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"deprecated": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"global_api_concurrency_limit": {
"default": 100,
"deprecated": true,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API concurrency limit in calls",
"type": "integer"
},
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
},
"protocol_versions": {
"deprecated": true,
"items": {
"$ref": "ProtocolVersion"
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString",
"default": "",
"deprecated": true,
"title": "Host name or IP address to use for redirect location headers, or empty string to derive from current request"
},
"session_timeout": {
"deprecated": true,
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout, set to 0 to configure no timeout",
"type": "integer"
}
},
"title": "HTTP Service properties",
"type": "object"
}
HttpsProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol"
},
"id": "HttpsProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "https"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme",
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"sha256_thumbprint": {
"required": true,
"title": "SSL thumbprint of server",
"type": "string"
}
},
"type": "object"
}
ICMPTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement"
},
"id": "ICMPTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "ICMPTypeNSService"
},
"properties": {
"icmp_code": {
"required": false,
"title": "ICMP message code",
"type": "integer"
},
"icmp_type": {
"required": false,
"title": "ICMP message type",
"type": "integer"
},
"protocol": {
"enum": [
"ICMPv4",
"ICMPv6"
],
"required": true,
"title": "ICMP protocol type",
"type": "string"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "A NSService that represents IPv4 or IPv6 ICMP protocol",
"type": "object"
}
ICMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry"
},
"id": "ICMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ICMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_code": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message code",
"type": "integer"
},
"icmp_type": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message type",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol": {
"enum": [
"ICMPv4",
"ICMPv6"
],
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IPv4 or IPv6 ICMP protocol",
"type": "object"
}
IDSEventDataRequest (type)
{
"additionalProperties": false,
"description": "Filtering parameters to get only a subset of intrusion events.",
"id": "IDSEventDataRequest",
"module_id": "IDSMetrics",
"properties": {
"filters": {
"description": "An array of filter conditions.",
"items": {
"$ref": "FilterRequest"
},
"required": false,
"title": "Filter conditions",
"type": "array"
}
},
"title": "Parameters to filter list of intrusions",
"type": "object"
}
IDSEventsBySignature (type)
{
"additionalProperties": false,
"description": "Intrusions that are detected, grouped by signature. It contains the signature id, severity, name, the number of intrusions of that type and the first occurence.",
"extends": {
"$ref": "Resource"
},
"id": "IDSEventsBySignature",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of times signature was seen",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp",
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"severity": {
"description": "Severity of the threat covered by the signature, can be Critical, High, Medium, or Low.",
"readonly": true,
"required": false,
"title": "Severity of the signature",
"type": "string"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_name": {
"description": "Name of the signature pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Name of the signature",
"type": "string"
}
},
"title": "Detcted intrusions grouped by signature",
"type": "object"
}
IDSEventsBySignatureResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature, it contains minimal details about the intrusions.",
"extends": {
"$ref": "ListResult"
},
"id": "IDSEventsBySignatureResult",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all intrusions detected, grouped by signature. The details include signature id, name, severity, timestamp, and total number of attempts per signature.",
"items": {
"$ref": "IDSEventsBySignature"
},
"readonly": true,
"title": "List of all intrusions detected",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions grouped by signature",
"type": "object"
}
IDSEventsSummary (type)
{
"additionalProperties": false,
"description": "Intrusion event with all the event and signature details, each event contains the signature id, name, severity, first and recent occurence, users and VMs affected and other signature metadata.",
"extends": {
"$ref": "Resource"
},
"id": "IDSEventsSummary",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"affected_vm_count": {
"description": "Count of VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Count of VMs this signature was detected on",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp",
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"idsflow_details": {
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, and protocol.",
"items": {
"$ref": "IdsEventFlowData"
},
"readonly": true,
"required": false,
"title": "IDS event flow data details",
"type": "object"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"is_rule_valid": {
"description": "Indicates if the rule id is valid or not.",
"readonly": true,
"required": false,
"title": "Is the rule id valid",
"type": "boolean"
},
"latest_occurence": {
"$ref": "EpochMsTimestamp",
"description": "Latest occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Latest occurence of the intrusion"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id that detected this particular intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_metadata": {
"description": "Metadata about the detected signature including name, id, severity, product affected, protocol etc.",
"items": {
"$ref": "IDSSignatureDetail"
},
"readonly": true,
"required": false,
"title": "Metadata about the detected signature",
"type": "object"
},
"total_count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of occurrences of this signature",
"type": "integer"
},
"user_details": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"$ref": "IdsUserStats"
},
"readonly": true,
"required": false,
"title": "List of users on the affected VMs",
"type": "object"
},
"vm_details": {
"description": "List of VMs on which a particular signature was detected with the count.",
"items": {
"$ref": "IdsVmStats"
},
"readonly": true,
"required": false,
"title": "List of VMs this signature was seen",
"type": "object"
}
},
"title": "Intrusions with event and signature data",
"type": "object"
}
IDSProfile (type)
{
"additionalProperties": false,
"description": "An entity that holds the list of IDS signatures which need to be detected. The profiles can be custom created or built in.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IDSProfile",
"module_id": "IDSProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signatures": {
"description": "List of IDS signatures ids which need to be detected.",
"items": {
"type": "string"
},
"maxItems": 30000,
"minItems": 1,
"readonly": false,
"required": true,
"title": "IDS Signatures",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IDS Profile",
"type": "object"
}
IDSSignatureDetail (type)
{
"id": "IDSSignatureDetail",
"module_id": "IDSSignatures",
"properties": {
"action": {
"description": "Packet analysis action",
"title": "Action",
"type": "string"
},
"affected_product": {
"description": "Product affected by the signature.",
"title": "Affected product",
"type": "string"
},
"attack_target": {
"description": "Target of the attack tracked in the signature.",
"title": "Attack target",
"type": "string"
},
"category": {
"description": "VMware defined signature category.",
"items": {
"type": "string"
},
"title": "Category",
"type": "array"
},
"class_type": {
"description": "Class type of the signature.",
"title": "Signature class type",
"type": "string"
},
"cves": {
"description": "CVE of the signature.",
"items": {
"type": "string"
},
"title": "CVE of the signature",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature CVSSV2 score.",
"title": "Signature CVSSV2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature CVSSV3 score.",
"title": "Signature CVSSV3 score",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"enabled": {
"description": "Signature enabled.",
"title": "Enabled",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"title": "Flow established",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"name": {
"description": "Name of the signature.",
"title": "Signature name",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"resource_type": {
"description": "IDSSignatureDetail resource type.",
"readonly": true,
"required": true,
"title": "IDSSignatureDetail resource type",
"type": "string"
},
"severity": {
"description": "VMware defined signature severity.",
"title": "Severity",
"type": "string"
},
"signature_id": {
"description": "Unique ID of the signature rule.",
"title": "The signature ID",
"type": "integer"
},
"signature_revision": {
"description": "The revision of the signature",
"title": "Signature revision",
"type": "integer"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature.",
"items": {
"type": "string"
},
"title": "List of mitre attack URLs pertaining to signature",
"type": "array"
}
},
"type": "object"
}
IDSSummaryListResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature with their summary.",
"extends": {
"$ref": "ListResult"
},
"id": "IDSSummaryListResult",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of the detected intrusions.",
"items": {
"$ref": "IDSEventsSummary"
},
"maxItems": 100,
"readonly": true,
"title": "Paged collection of intrusions",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions with their summary",
"type": "object"
}
IGMPTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement"
},
"id": "IGMPTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "IGMPTypeNSService"
},
"properties": {
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "A NSService that represents IGMP protocol",
"type": "object"
}
IGMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry"
},
"id": "IGMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IGMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IGMP protocol",
"type": "object"
}
IKEDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IKEDigestAlgorithm",
"module_id": "IPSecVPN",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
IKEEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "IKEEncryptionAlgorithm",
"module_id": "IPSecVPN",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
IPAddress (type)
{
"format": "ip",
"id": "IPAddress",
"module_id": "Common",
"title": "IPv4 or IPv6 address",
"type": "string"
}
IPAddressElement (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource"
},
"id": "IPAddressElement",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"ip_address": {
"$ref": "IPElement",
"required": true
}
},
"title": "IP Address",
"type": "object"
}
IPAddressElementListResult (type)
{
"extends": {
"$ref": "ListResult"
},
"id": "IPAddressElementListResult",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPAddressElement"
},
"required": true,
"title": "IP address element list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of IP address elements",
"type": "object"
}
IPAddressExpression (type)
{
"additionalProperties": false,
"description": "Represents IP address expressions in the form of an array, to support addition of IP addresses in a group.If duplicate IP Addresses are provided these will be filtered out and only unique IP Addresses will be considered. Avoid creating groups with multiple IPAddressExpression.In future releases, group will be restricted to contain a single IPAddressExpression. To group IPAddresses, use nested groups instead of multiple IPAddressExpressions.",
"extends": {
"$ref": "Expression"
},
"id": "IPAddressExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPAddressExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\". The max limit for number of IP addresses applies across all expressions in a group. Please refer to Config Max limits specification document for a given environment.",
"items": {
"$ref": "IPElement"
},
"maxItems": 25000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP address expression node",
"type": "object"
}
IPAddressGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ip address and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPAddressGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_address": {
"required": true,
"title": "IPAddress",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ip address and enforcement point path",
"type": "object"
}
IPAddressList (type)
{
"additionalProperties": false,
"description": "Collection of IP Addresses.",
"id": "IPAddressList",
"module_id": "Policy",
"properties": {
"ip_addresses": {
"description": "The array contains IP addresses.",
"items": {
"$ref": "IPElement"
},
"maxItems": 25000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "IP Address collection.",
"type": "object"
}
IPAddressOrCIDRBlock (type)
{
"format": "address-or-cidr-block",
"id": "IPAddressOrCIDRBlock",
"module_id": "Common",
"title": "IPAddress or CIDR Block",
"type": "string"
}
IPAddresses (type)
{
"id": "IPAddresses",
"module_id": "PortMirroring",
"properties": {
"ip_addresses": {
"description": "The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters.",
"items": {
"$ref": "IPElement"
},
"minItems": 1,
"required": false,
"title": "IPs of the filter",
"type": "array"
}
},
"type": "object"
}
IPCIDRBlock (type)
{
"format": "ip-cidr-block",
"id": "IPCIDRBlock",
"module_id": "Common",
"title": "IPv4 or IPv6 CIDR Block",
"type": "string"
}
IPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Using this profile to configure different options of IP Discovery",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_nd_binding_timeout": {
"default": 10,
"description": "This property controls the ARP and ND cache timeout period. It is recommended that this property be greater than the ARP/ND cache timeout on the VM.",
"maximum": 120,
"minimum": 5,
"required": false,
"title": "ARP and ND cache timeout (in minutes)",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"duplicate_ip_detection": {
"$ref": "DuplicateIPDetectionOptions",
"description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.rt.",
"readonly": false,
"required": false,
"title": "Duplicate IP Dection Options"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_v4_discovery_options": {
"$ref": "IPv4DiscoveryOptions",
"description": "Indicates IPv4 Discovery options",
"required": false,
"title": "IPv4 Discovery options"
},
"ip_v6_discovery_options": {
"$ref": "IPv6DiscoveryOptions",
"description": "Indicates IPv6 Discovery options",
"required": false,
"title": "IPv6 Discovery options"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tofu_enabled": {
"default": true,
"description": "Indicates whether \"Trust on First Use(TOFU)\" paradigm is enabled.",
"required": false,
"title": "Is TOFU enabled or not",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"ip discovery segment profile"
],
"title": "IP Discovery Profile",
"type": "object"
}
IPDiscoveryProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPDiscoveryProfileListRequestParameters",
"module_id": "PolicyIpDiscovery",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IP Discovery Profile request parameters",
"type": "object"
}
IPDiscoveryProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPDiscoveryProfileListResult",
"module_id": "PolicyIpDiscovery",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPDiscoveryProfile"
},
"required": true,
"title": "IP Discovery profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IP Discovery Profiles",
"type": "object"
}
IPElement (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "address-or-block-or-range",
"id": "IPElement",
"module_id": "Common",
"title": "IP address, range, or subnet",
"type": "string"
}
IPElementList (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "list-of-address-or-block-or-range",
"id": "IPElementList",
"module_id": "Common",
"title": "List of IP address, range, or subnet",
"type": "string"
}
IPFIXDFWCollector (type)
{
"additionalProperties": false,
"description": "IPFIX DFW data will be collected on collector Host IP and Port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXDFWCollector",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress",
"description": "IP address for the IPFIX DFW collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"description": "Port for the IPFIX DFW collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector",
"type": "object"
}
IPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX data for the NSX distributed firewall will be sent to the specified IPFIX collectors.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collectors": {
"description": "It accepts Multiple Collectors.",
"items": {
"$ref": "IPFIXDFWCollector"
},
"minItems": 1,
"required": true,
"title": "IPFIX DFW Collectors.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWCollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPFIXDFWCollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile request parameters",
"type": "object"
}
IPFIXDFWCollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPFIXDFWCollectorProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWCollectorProfile"
},
"required": true,
"title": "IPFIX DFW Collection Instances list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "IPFIX packets from source will be sent to IPFIX DFW collector.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_flow_export_timeout": {
"default": 1,
"description": "For long standing active flows, IPFIX records will be sent per timeout period in minutes.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Active timeout (Minutes)",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collector_profile_path": {
"description": "Policy path for IPFIX collector profiles. IPFIX data from these logical segments will be sent to all specified IPFIX collectors.",
"required": true,
"title": "IPFIX collector Paths",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXDFWProfile"
],
"relationshipType": "IPFIX_DFW_COLLECTION_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXDFWCollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 65536,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 32000,
"minimum": 0,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Profile",
"type": "object"
}
IPFIXDFWProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPFIXDFWProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Profile request parameters",
"type": "object"
}
IPFIXDFWProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPFIXDFWProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWProfile"
},
"required": true,
"title": "IPFIX DFW Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Profile",
"type": "object"
}
IPFIXL2Collector (type)
{
"additionalProperties": false,
"description": "IPFIX packets will be collected on collector. IP and port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXL2Collector",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress",
"description": "IP address for the IPFIX L2 collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"default": 4739,
"description": "Port number for the IPFIX L2 collector.",
"maximum": 65535,
"minimum": 0,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector",
"type": "object"
}
IPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX L2 data will be collected on collectors.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_collectors": {
"description": "It accepts Multiple Collector objects.",
"items": {
"$ref": "IPFIXL2Collector"
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "It accepts Multiple Collector objects.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector Profile",
"type": "object"
}
IPFIXL2CollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPFIXL2CollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX collector profile request parameters",
"type": "object"
}
IPFIXL2CollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPFIXL2CollectorProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2CollectorProfile"
},
"required": true,
"title": "IPFIX collector Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of IPFIX collector profiles.",
"type": "object"
}
IPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "IPFIX data from source logical segment, port, group will be forwarded to IPFIX collector.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired even if more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"title": "Active timeout",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"export_overlay_flow": {
"default": true,
"deprecated": true,
"deprecation_advice": "The overlay flow related information exporting function is no longer supported.\nIPFIX records will not include overlay flow information, even if this toggle is enabled.\nTherefore, this toggle will be reset to false even if the user sets it to true.\nFor the upgrade scenario, it is possible that some ESXi hosts have already been upgraded\nto a version where export overlay flow is not supported, while others have not. The ESXi hosts\nthat are not yet upgraded can still use this configuration.\n",
"description": "This property controls whether overlay flow info is included in the sample result.",
"required": false,
"title": "Export overlay Flow",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"deprecated": true,
"deprecation_advice": "The idle timeout function is no longer supported. IPFIX records will not be generated\nwhen idle timeouts are triggered, even if a value is set for this field.\nFor the upgrade scenario, it is possible that some ESXi hosts have already been upgraded\nto a version where idle timeout is not supported, while others have not. The ESXi hosts\nthat are not yet upgraded can still use this configuration.\n",
"description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"required": false,
"title": "Idle timeout",
"type": "int"
},
"ipfix_collector_profile_path": {
"description": "Policy path for IPFIX collector profile. User can specify only one IPFIX collector.",
"required": true,
"title": "IPFIX collector Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXL2Profile"
],
"relationshipType": "IPFIX_L2_PROFILE_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXL2CollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_flows": {
"default": 16384,
"description": "The maximum number of flow entries in each exporter flow cache.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Max flows",
"type": "integer"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"packet_sample_probability": {
"default": 0.1,
"description": "Specifies the probability, in percentage, that a packet will be sampled. The value must be between 0 and 100, with up to three decimal places. This probability is applied uniformly to all packets.",
"exclusiveMinimum": true,
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Packet sample probability",
"type": "number"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only. The priority -1 is reserved for the vRNI GLOBAL IPFIX profile. Non-GLOBAL IPFIX profiles are not allowed to use priority -1.",
"maximum": 32000,
"minimum": -1,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Profile",
"type": "object"
}
IPFIXL2ProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPFIXL2ProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX L2 Profile request parameters",
"type": "object"
}
IPFIXL2ProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPFIXL2ProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2Profile"
},
"required": true,
"title": "IPFIX L2 Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX L2 Profile",
"type": "object"
}
IPInfo (type)
{
"description": "An IP information structure that includes a single IP address and its associated prefix length.",
"id": "IPInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPMemberAction (type)
{
"additionalProperties": false,
"id": "IPMemberAction",
"module_id": "IPSet",
"properties": {
"action": {
"enum": [
"add_ip",
"remove_ip"
],
"readonly": false,
"required": true,
"title": "Specifies addition or removal action",
"type": "string"
}
},
"type": "object"
}
IPMirrorDestination (type)
{
"extends": {
"$ref": "MirrorDestination"
},
"id": "IPMirrorDestination",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "IPMirrorDestination"
},
"properties": {
"destination_ips": {
"description": "The destination IPs of the mirror packet will be sent to.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "List of destination IP addresses",
"type": "array"
},
"encapsulation_type": {
"$ref": "EncapsulationType",
"default": "GRE",
"description": "You can choose GRE, ERSPAN II or ERSPAN III.",
"required": true,
"title": "IPMirrorDestination encapsulation type"
},
"erspan_id": {
"description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.",
"maximum": 1023,
"minimum": 0,
"required": false,
"title": "ERSPAN session id",
"type": "int"
},
"gre_key": {
"description": "User-configurable 32-bit key only for GRE",
"required": false,
"title": "GRE encapsulation key",
"type": "int"
},
"resource_type": {
"$ref": "MirrorDestinationResourceType",
"help_summary": "Possible values are 'LogicalPortMirrorDestination'",
"required": true
}
},
"type": "object"
}
IPPrefixList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource"
},
"id": "IPPrefixList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"prefixes": {
"items": {
"$ref": "PrefixConfig"
},
"maxItems": 1330000,
"minItems": 1,
"required": true,
"title": "Ordered list of PrefixConfig",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IPPrefixListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPPrefixListListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPPrefixList"
},
"required": true,
"title": "Paginated list of IPPrefixLists",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IPProtocolNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement"
},
"id": "IPProtocolNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "IPProtocolNSService"
},
"properties": {
"protocol_number": {
"required": true,
"title": "The IP protocol number",
"type": "integer"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "An NSService element that represents an IP protocol",
"type": "object"
}
IPProtocolServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry"
},
"id": "IPProtocolServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPProtocolServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol_number": {
"maximum": 255,
"minimum": 0,
"required": true,
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an IP protocol",
"type": "object"
}
IPReputationExclusionList (type)
{
"additionalProperties": false,
"description": "List of IP addresses present in the exclusion list of default malicious IP Group for given site.",
"id": "IPReputationExclusionList",
"module_id": "DFWIPReputationSecurityConfiguration",
"properties": {
"exclusion_list": {
"description": "The list returns the IPs present in the exclusion list of default malicious IP reputation group present on a specific site. This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6.",
"items": {
"$ref": "IPElement"
},
"readonly": true,
"required": false,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "IP Reputation IP Address Exclusion List",
"type": "object"
}
IPReputationSiteMapping (type)
{
"additionalProperties": false,
"description": "Configuration to allow management of IP reputation on a specific site from the global manager.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPReputationSiteMapping",
"module_id": "DFWIPReputationSecurityConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_auto_download": {
"description": "Property which indicates whether auto-download of IP Reputation feed is activated or deactivated for the given site.",
"required": true,
"title": "IP reputation feed auto-download flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_path": {
"description": "Path of the site that needs management of IP reputation from the GM",
"readonly": false,
"required": true,
"title": "Site path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPReputationSiteMapping"
],
"relationshipType": "IP_REPUTATION_TO_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP Reputation Site Mapping",
"type": "object"
}
IPReputationSiteMappingListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPReputationSiteMappingListRequestParameters",
"module_id": "DFWIPReputationSecurityConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IP Reputation site mapping listing request parameters",
"type": "object"
}
IPReputationSiteMappingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPReputationSiteMappingListResult",
"module_id": "DFWIPReputationSecurityConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPReputationSiteMapping"
},
"required": true,
"title": "IP Reputation site mapping list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IP reputation site mapping",
"type": "object"
}
IPSecDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IPSecDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IPSecDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IPSec tunnel establishment",
"type": "string"
}
IPSecEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IPSecEncryptionAlgorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256",
"NO_ENCRYPTION_AUTH_AES_GMAC_128",
"NO_ENCRYPTION_AUTH_AES_GMAC_192",
"NO_ENCRYPTION_AUTH_AES_GMAC_256",
"NO_ENCRYPTION"
],
"id": "IPSecEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithm used in IPSec tunnel",
"type": "string"
}
IPSecVPNDPDProfile (type)
{
"additionalProperties": false,
"description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNDPDProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_probe_interval": {
"description": "When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 3",
"title": "DPD probe interval defines an interval for DPD probes (in seconds)",
"type": "integer"
},
"dpd_probe_mode": {
"default": "PERIODIC",
"description": "DPD probe mode is used to query the liveliness of the peer. Two modes are possible - PERIODIC - is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. ON_DEMAND - is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds)",
"enum": [
"PERIODIC",
"ON_DEMAND"
],
"title": "DPD probe mode",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable dead peer detection.",
"title": "Enable dead peer detection (DPD)",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retry_count": {
"default": 5,
"description": "Maximum number of DPD messages retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.",
"maximum": 100,
"minimum": 1,
"title": "Retry count",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Dead peer detection (DPD) profile",
"type": "object"
}
IPSecVPNDPDProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the dead peer detection (DPD) profiles.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNDPDProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNDPDProfile"
},
"required": true,
"title": "IPSec DPD Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List dead peer detection (DPD) profiles",
"type": "object"
}
IPSecVPNIKEProfile (type)
{
"additionalProperties": false,
"description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNIKEProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DHGroup"
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.",
"items": {
"$ref": "IKEDigestAlgorithm"
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "IKEEncryptionAlgorithm"
},
"title": "Encryption algorithm for IKE",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_version": {
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"title": "IKE version",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 86400,
"description": "Life time for security association. Default is 86400 seconds (1 day).",
"maximum": 31536000,
"minimum": 21600,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Internet key exchange (IKE) profile",
"type": "object"
}
IPSecVPNIKEProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the IKE profiles.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNIKEProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNIKEProfile"
},
"required": true,
"title": "IKE Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IKE profiles",
"type": "object"
}
IPSecVPNIKEServiceSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all IPSec VPN sessions for a specified service.",
"extends": {
"$ref": "IPSecVPNSessionSummary"
},
"id": "IPSecVPNIKEServiceSummary",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"display_name": {
"description": "VPN service display name.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "UUID for a vpn service.",
"readonly": true,
"title": "Service identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"logical_router_id": {
"description": "Logical router identifier associated with vpn service.",
"readonly": true,
"title": "Logical router identifier",
"type": "string"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary",
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary"
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN IKE service summary",
"type": "object"
}
IPSecVPNIKESessionStatus (type)
{
"additionalProperties": false,
"description": "Status for IPSec VPN IKE session UP, DOWN, NEGOTIATING and fail reason if IKE session is down.",
"id": "IPSecVPNIKESessionStatus",
"module_id": "VPNStatistics",
"properties": {
"fail_reason": {
"description": "Reason for failure.",
"readonly": true,
"title": "Fail reason",
"type": "string"
},
"ike_session_state": {
"description": "IKE session service status UP, DOWN and NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "IKE session state",
"type": "string"
},
"transport_node_id": {
"description": "Transport Node identifier where session is present.",
"readonly": true,
"title": "Transport Node Id",
"type": "string"
}
},
"title": "IKE session status",
"type": "object"
}
IPSecVPNIKETrafficStatistics (type)
{
"additionalProperties": false,
"description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.",
"id": "IPSecVPNIKETrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Number of bytes in.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Number of bytes out.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"fail_count": {
"description": "Fail count.",
"readonly": true,
"title": "Fail count",
"type": "integer"
},
"packets_in": {
"description": "Number of packets in.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Number of packets out.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN IKE traffic statistics",
"type": "object"
}
IPSecVPNLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Local endpoint represents a logical router on which tunnel needs to be terminated.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNLocalEndpoint",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Site certificate identifier.",
"title": "Certificate Id",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"$ref": "ResourceReference",
"description": "VPN Service id.",
"required": true,
"title": "VPN Service id"
},
"local_address": {
"$ref": "IPAddress",
"description": "IPv4 or IPv6 Address for local endpoint.",
"required": true,
"title": "IP Address for local endpoint"
},
"local_id": {
"description": "Local identifier.",
"title": "Local identifier",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_ca_ids": {
"description": "Certificate authority (CA) identifier list to verify peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate authority (CA) identifiers",
"type": "array"
},
"trust_crl_ids": {
"description": "Certificate revocation list (CRL) identifier list of peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate revocation list (CRL) Identifiers",
"type": "array"
}
},
"search_dsl_name": [
"ip sec vpn local endpoint (manager)"
],
"title": "IPSec VPN Local Endpoint",
"type": "object"
}
IPSecVPNLocalEndpointListParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get the filtered list of IPSec VPN local endpoints. Both filter parameters can be provided as they are not mutually exclusive.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "IPSecVPNLocalEndpointListParameters",
"module_id": "IPSecVPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "All the local endpoints configured with the specified VPN Service id will be included in the result.",
"required": false,
"title": "Id of the IPSec VPN service",
"type": "string"
},
"logical_router_id": {
"description": "All the local endpoints belonging to the specified logical router id will be included in the result.",
"required": false,
"title": "Id of logical router",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List parameters for IPSec VPN local endpoints",
"type": "object"
}
IPSecVPNLocalEndpointListResult (type)
{
"additionalProperties": false,
"description": "List all the local endpoints.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNLocalEndpointListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNLocalEndpoint"
},
"required": true,
"title": "IPSec local endpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List local endpoints",
"type": "object"
}
IPSecVPNPeerEndpoint (type)
{
"additionalProperties": false,
"description": "IPSec VPN Peer Endpoint covers configuration to be applied locally to establish a session with remote endpoint on peer site.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNPeerEndpoint",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_id": {
"description": "Dead peer detection (DPD) profile id. Default will be set according to system default policy.",
"title": "Dead peer detection (DPD) profile id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_id": {
"description": "IKE profile id to be used. Default will be set according to system default policy.",
"title": "Internet key exchange (IKE) profile id",
"type": "string"
},
"ipsec_tunnel_profile_id": {
"description": "Tunnel profile id to be used. By default it will point to system default profile.",
"title": "IPSec tunnel profile id",
"type": "string"
},
"peer_address": {
"description": "IPv4 or IPv6 address of peer endpoint on remote site.",
"required": true,
"title": "IP Address of peer endpoint.",
"type": "string"
},
"peer_id": {
"description": "Peer identifier.",
"required": true,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPSec VPN Peer Endpoint",
"type": "object"
}
IPSecVPNPeerEndpointListResult (type)
{
"additionalProperties": false,
"description": "List all the peer endpoints.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNPeerEndpointListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNPeerEndpoint"
},
"required": true,
"title": "IPSec Peer endpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List peer endpoints",
"type": "object"
}
IPSecVPNPolicyRule (type)
{
"additionalProperties": false,
"description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.",
"extends": {
"$ref": "EmbeddedResource"
},
"id": "IPSecVPNPolicyRule",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink",
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"action": {
"default": "PROTECT",
"description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"readonly": true,
"title": "Action to be applied",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of peer subnets.",
"items": {
"$ref": "IPSecVPNPolicySubnet"
},
"maxItems": 128,
"required": false,
"title": "Destination list",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A flag to enable/disable the policy rule.",
"title": "Enabled flag",
"type": "boolean"
},
"id": {
"description": "Unique policy id.",
"title": "Unique policy id",
"type": "string"
},
"logged": {
"default": false,
"description": "A flag to enable/disable the logging for the policy rule.",
"title": "Logging flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sources": {
"description": "List of local subnets.",
"items": {
"$ref": "IPSecVPNPolicySubnet"
},
"maxItems": 128,
"required": false,
"title": "Source list",
"type": "array"
}
},
"title": "IPSec VPN policy rules",
"type": "object"
}
IPSecVPNPolicySubnet (type)
{
"additionalProperties": false,
"description": "Used to specify the local/peer subnets in IPSec VPN Policy rule.",
"id": "IPSecVPNPolicySubnet",
"module_id": "IPSecVPN",
"properties": {
"subnet": {
"$ref": "IPCIDRBlock",
"description": "Subnet used in policy rule.",
"required": true,
"title": "Peer or local subnet"
}
},
"title": "Subnet for IPSec Policy based VPN",
"type": "object"
}
IPSecVPNPolicyTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN policy traffic statistics",
"id": "IPSecVPNPolicyTrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"policy_id": {
"description": "Policy Identifier.",
"readonly": true,
"title": "Policy Identifier",
"type": "string"
},
"tunnel_port_id": {
"description": "Tunnel port identifier.",
"readonly": true,
"title": "Tunnel port identifier",
"type": "string"
},
"tunnel_statistics": {
"description": "Tunnel statistics.",
"items": {
"$ref": "IPSecVPNTunnelTrafficStatistics"
},
"readonly": true,
"title": "Tunnel statistics",
"type": "array"
}
},
"title": "IPSec VPN policy traffic statistics",
"type": "object"
}
IPSecVPNService (type)
{
"additionalProperties": false,
"description": "Create and manage IPSec VPN service for given logical router.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNService",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bypass_rules": {
"description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.",
"items": {
"$ref": "IPSecVPNPolicyRule"
},
"required": false,
"title": "Bypass Policy rules",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable VPN services for given logical router.",
"title": "Enable virtual private network (VPN) service",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"ipsec_ha_sync": {
"default": true,
"description": "Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled in case there are performance issues with the state sync messages. Default is to enable HA Sync.",
"title": "IPSec HA State Sync flag",
"type": "boolean"
},
"logical_router_id": {
"description": "Logical router id.",
"required": true,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPSec VPN service",
"type": "object"
}
IPSecVPNServiceListResult (type)
{
"additionalProperties": false,
"description": "List all the IPSec VPN services.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNServiceListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNService"
},
"required": true,
"title": "IPSec VPN serivce list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IPSec VPN services",
"type": "object"
}
IPSecVPNSession (type)
{
"abstract": true,
"additionalProperties": false,
"description": "VPN session defines connection between local and peer endpoint. Untill VPN session is defined configuration is not realized.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNSession",
"module_id": "IPSecVPN",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "Identifier of VPN Service linked with local endpoint.",
"readonly": true,
"title": "IPSec VPN service identifier",
"type": "string"
},
"local_endpoint_id": {
"description": "Local endpoint identifier.",
"required": true,
"title": "Local endpoint identifier",
"type": "string"
},
"peer_endpoint_id": {
"description": "Peer endpoint identifier.",
"required": true,
"title": "Peer endpoint identifier",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVPNSessionResourceType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMssClamping",
"required": false
}
},
"title": "IPSec VPN session",
"type": "object"
}
IPSecVPNSessionListParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get filtered list of IPSec VPN Sessions. The filter parameters are not mutually exclusive and can be used together.",
"extends": {
"$ref": "ListRequestParameters"
},
"id": "IPSecVPNSessionListParameters",
"module_id": "IPSecVPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "All the IPSec VPN sessions configured with the specified VPN Service id will be included in the result.",
"required": false,
"title": "Id of the IPSec VPN service",
"type": "string"
},
"logical_router_id": {
"description": "All the VPN sessions belonging to the specified logical router id will be included in the result.",
"required": false,
"title": "Id of logical router",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"session_type": {
"$ref": "IPSecVPNSessionResourceType",
"description": "All the IPSec VPN sessions of specified type will be included in the result.",
"required": false,
"title": "Type of the vpn session"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List parameters for IPSec VPN Sessions",
"type": "object"
}
IPSecVPNSessionListResult (type)
{
"additionalProperties": false,
"description": "List all the IPSec VPN sessions.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNSessionListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNSession"
},
"required": true,
"title": "IPSec VPN sessions list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IPSec VPN sessions",
"type": "object"
}
IPSecVPNSessionResourceType (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"enum": [
"PolicyBasedIPSecVPNSession",
"RouteBasedIPSecVPNSession"
],
"id": "IPSecVPNSessionResourceType",
"module_id": "IPSecVPN",
"title": "Resource types of IPsec VPN session",
"type": "string"
}
IPSecVPNSessionState (type)
{
"description": "This holds the state of IPSec VPN Session. If there are errors in realizing session outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState"
},
"id": "IPSecVPNSessionState",
"module_id": "IPSecVPN",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement"
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"VC_VCP_ACTION_PENDING",
"VC_VCP_ACTION_FAILED",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of IPSec VPN Session.",
"type": "object"
}
IPSecVPNSessionStatistics (type)
{
"additionalProperties": false,
"description": "Session statistics gives aggregated statistics of all policies for all the tunnels.",
"id": "IPSecVPNSessionStatistics",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"display_name": {
"description": "Display name of vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"ike_status": {
"$ref": "IPSecVPNIKESessionStatus",
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status summary"
},
"ike_traffic_statistics": {
"$ref": "IPSecVPNIKETrafficStatistics",
"description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.",
"readonly": true,
"title": "IKE traffic statistics"
},
"ipsec_vpn_session_id": {
"description": "UUID of vpn session.",
"readonly": true,
"title": "Session identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"partial_stats": {
"description": "Partial statistics if true specifies that the statistics are only from active node.",
"readonly": true,
"title": "Partial Statistics",
"type": "boolean"
},
"policy_statistics": {
"description": "Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.",
"items": {
"$ref": "IPSecVPNPolicyTrafficStatistics"
},
"readonly": true,
"title": "IPSec policy statistics",
"type": "array"
}
},
"title": "IPSec VPN session statistics",
"type": "object"
}
IPSecVPNSessionStatus (type)
{
"additionalProperties": false,
"description": "IKE session traffic summary provides IKE session status and aggregate of traffic across all tunnel.",
"id": "IPSecVPNSessionStatus",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"display_name": {
"description": "Display name of vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"failed_tunnels": {
"description": "Number of failed tunnels.",
"readonly": true,
"title": "Failed tunnels",
"type": "integer"
},
"ike_status": {
"$ref": "IPSecVPNIKESessionStatus",
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status"
},
"ipsec_vpn_session_id": {
"description": "UUID of vpn session.",
"readonly": true,
"title": "Session identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"negotiated_tunnels": {
"description": "Number of negotiated tunnels.",
"readonly": true,
"title": "Negotiated tunnels",
"type": "integer"
},
"session_status": {
"description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.",
"enum": [
"UP",
"DOWN",
"DEGRADED"
],
"readonly": true,
"title": "Session status",
"type": "string"
},
"total_tunnels": {
"description": "Total number of tunnels.",
"readonly": true,
"title": "Total tunnels",
"type": "integer"
}
},
"title": "IKE session traffic summary",
"type": "object"
}
IPSecVPNSessionSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all selected IPSec VPN sessions.",
"id": "IPSecVPNSessionSummary",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary",
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary"
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN session summary",
"type": "object"
}
IPSecVPNSessionTrafficSummary (type)
{
"additionalProperties": false,
"description": "Provides the following details for all IPSec tunnels in an IPSec VPN session since the time the tunnels are UP: - VPN session name. - Incoming packet count. - Outgoing packet count. - Dropped packet count.",
"id": "IPSecVPNSessionTrafficSummary",
"module_id": "VPNStatistics",
"properties": {
"ipsec_vpn_session": {
"$ref": "ResourceReference",
"description": "VPN Session.",
"readonly": true,
"title": "VPN session"
},
"traffic_counters": {
"$ref": "IPSecVPNTrafficCounters",
"description": "Provides the traffic statistics for all IPSec tunnels in an IPSec VPN session since the time the tunnels are UP. It includes the number of incoming, outgoing and dropped packet counters.",
"readonly": true,
"title": "Traffic statistics"
}
},
"title": "IPSec VPN session traffic summary",
"type": "object"
}
IPSecVPNTrafficCounters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "<br> Please use below Policy APIs to get IPSecVpnTrafficCounters. <br> GET /policy/api/v1/infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics <br> GET /policy/api/v1/infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics",
"description": "Provides the following traffic statistics for IPSec VPN tunnels since the time the tunnels are UP: - Incoming packet count. - Outgoing packet count. - Dropped packet count.",
"id": "IPSecVPNTrafficCounters",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of traffic bytes received on inbound security association.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of traffic bytes sent on outbound security association.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"packets_in": {
"description": "Total number of packets received on inbound security association.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of packets sent on outbound security association.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN traffic counters",
"type": "object"
}
IPSecVPNTransportStatus (type)
{
"additionalProperties": false,
"description": "Provides IPSec VPN session status.",
"extends": {
"$ref": "L2VPNTransportTunnelStatus"
},
"id": "IPSecVPNTransportStatus",
"module_id": "L2VPNStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVPNTransportStatus"
},
"properties": {
"resource_type": {
"$ref": "TransportTunnelResourceType",
"required": true
},
"status": {
"$ref": "IPSecVPNSessionStatus",
"description": "VPN session status provides IKE session status and aggregate of traffic across all tunnel.",
"readonly": true,
"title": "IPSec vpn session status"
},
"tunnel_id": {
"$ref": "ResourceReference",
"description": "Transport tunnel id.",
"readonly": true,
"title": "Transport tunnel id"
}
},
"title": "VPN Session status",
"type": "object"
}
IPSecVPNTunnelProfile (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSecVPNTunnelProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"df_policy": {
"default": "COPY",
"description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.",
"enum": [
"COPY",
"CLEAR"
],
"title": "Policy for handling defragmentation bit",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DHGroup"
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".",
"items": {
"$ref": "TunnelDigestAlgorithm"
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"encapsulation_mode": {
"default": "TUNNEL_MODE",
"description": "Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.",
"enum": [
"TUNNEL_MODE"
],
"readonly": true,
"title": "Encapsulation Mode",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "TunnelEncryptionAlgorithm"
},
"title": "Encryption algorithm to use in tunnel establishement",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 3600,
"description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.",
"maximum": 31536000,
"minimum": 900,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transform_protocol": {
"default": "ESP",
"description": "IPSec transform specifies IPSec security protocol.",
"enum": [
"ESP"
],
"readonly": true,
"title": "Tunnel protocol",
"type": "string"
}
},
"search_dsl_name": [
"ip sec vpn tunnel profile (manager)"
],
"title": "IPSec VPN tunnel profile",
"type": "object"
}
IPSecVPNTunnelProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the tunnel profiles.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVPNTunnelProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNTunnelProfile"
},
"required": true,
"title": "IPSec Tunnel Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List tunnel profiles",
"type": "object"
}
IPSecVPNTunnelTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel traffic statistics.",
"id": "IPSecVPNTunnelTrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of incoming bytes on inbound Security association (SA).",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes on outbound Security association (SA).",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"decryption_failures": {
"description": "Total number of packets dropped due to decryption failures.",
"readonly": true,
"title": "Decryption failures",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"encryption_failures": {
"description": "Total number of packets dropped because of failure in encryption.",
"readonly": true,
"title": "Encryption failures",
"type": "integer"
},
"integrity_failures": {
"description": "Total number of packets dropped due to integrity failures.",
"readonly": true,
"title": "Integrity failures",
"type": "integer"
},
"local_subnet": {
"description": "Local subnet to which a tunnel belongs.",
"readonly": true,
"title": "Local subnet",
"type": "string"
},
"nomatching_policy_errors": {
"description": "Number of packets dropped because of no matching policy is available.",
"readonly": true,
"title": "Nomatching Policy errors",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets on inbound Security association (SA).",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets on outbound Security association (SA).",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_other_error": {
"description": "Total number of incoming packets dropped on inbound Security association (SA)(misc).",
"readonly": true,
"title": "Packets receive other error",
"type": "integer"
},
"packets_sent_other_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent other error",
"type": "integer"
},
"peer_subnet": {
"description": "Peer subnet to which a tunnel belongs.",
"readonly": true,
"title": "Peer subnet",
"type": "string"
},
"policy_id": {
"description": "Policy UUID of IPSec Tunnel.",
"readonly": true,
"title": "Policy Identifier",
"type": "string"
},
"replay_errors": {
"description": "Total number of packets dropped due to replay check on that Security association (SA).",
"readonly": true,
"title": "Replay errors",
"type": "integer"
},
"sa_mismatch_errors_in": {
"description": "Totoal number of security association (SA) mismatch errors on incoming packets.",
"readonly": true,
"title": "Security association (SA) mismatch errors on incoming packets",
"type": "integer"
},
"sa_mismatch_errors_out": {
"description": "Totoal number of security association (SA) mismatch errors on outgoing packets.",
"readonly": true,
"title": "Security association (SA) mismatch errors on outgoing packets",
"type": "integer"
},
"seq_number_overflow_error": {
"description": "Total number of packets dropped while sending due to overflow in sequence number.",
"readonly": true,
"title": "Sequence number overflow error",
"type": "integer"
},
"tunnel_down_reason": {
"description": "Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.",
"readonly": true,
"title": "Tunnel down reason",
"type": "string"
},
"tunnel_status": {
"description": "Specifies the status of tunnel. If all the SA (Security association) are negotiated then tunnels status will be UP. If negotiation fails for the SAs status will be DOWN, if SAs are in negotiating phase tunnels status will be NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "Tunnel Status",
"type": "string"
}
},
"title": "IPSec VPN tunnel traffic statistics",
"type": "object"
}
IPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_probe_interval": {
"description": "DPD probe interval defines an interval for DPD probes (in seconds). - When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. - When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 10",
"title": "DPD Probe Interval",
"type": "integer"
},
"dpd_probe_mode": {
"default": "PERIODIC",
"description": "DPD probe mode is used to query the liveliness of the peer. Two modes are possible: - PERIODIC: is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. - ON_DEMAND: is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds).",
"enum": [
"PERIODIC",
"ON_DEMAND"
],
"title": "DPD Probe Mode",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable dead peer detection.",
"title": "Enable dead peer detection (DPD)",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retry_count": {
"default": 10,
"description": "Maximum number of DPD messages' retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.",
"maximum": 100,
"minimum": 1,
"title": "Retry Count",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dead peer detection (DPD) profile",
"type": "object"
}
IPSecVpnDpdProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnDpdProfile.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnDpdProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnDpdProfile list request parameters",
"type": "object"
}
IPSecVpnDpdProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnDpdProfile.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnDpdProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnDpdProfile list results.",
"items": {
"$ref": "IPSecVpnDpdProfile"
},
"required": true,
"title": "IPSecVpnDpdProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnDpdProfile",
"type": "object"
}
IPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup"
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. A default value of SHA2_256 will be applied only when the supplied encryption algorithms contain either AES_128 or AES_256.",
"items": {
"$ref": "IkeDigestAlgorithm"
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "IkeEncryptionAlgorithm"
},
"title": "Encryption algorithm for IKE",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_version": {
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"title": "IKE version",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 86400,
"description": "Life time for security association. Default is 86400 seconds (1 day).",
"maximum": 31536000,
"minimum": 21600,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Internet key exchange (IKE) profile",
"type": "object"
}
IPSecVpnIkeProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnIkeProfile.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnIkeProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnIkeProfile list request parameters",
"type": "object"
}
IPSecVpnIkeProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnIkeProfile.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnIkeProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnIkeProfile list results.",
"items": {
"$ref": "IPSecVpnIkeProfile"
},
"required": true,
"title": "IPSecVpnIkeProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnIkeProfile",
"type": "object"
}
IPSecVpnIkeSessionStatus (type)
{
"additionalProperties": false,
"description": "Status for IPSec VPN Ike session UP, DOWN, NEGOTIATING and fail reason if Ike session is down.",
"id": "IPSecVpnIkeSessionStatus",
"module_id": "PolicyVPNStatistics",
"properties": {
"fail_reason": {
"description": "Reason for failure.",
"readonly": true,
"title": "Fail reason",
"type": "string"
},
"ike_session_state": {
"description": "Ike session service status UP, DOWN and NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "Ike session state",
"type": "string"
}
},
"title": "Ike session status",
"type": "object"
}
IPSecVpnIkeTrafficStatistics (type)
{
"additionalProperties": false,
"description": "Provides the following IKE control plane statistics for an IPSec VPN session: - Incoming packet count. - Outgoing packet count. - Dropped packet count. Note: IKE traffic statistics are not supported.",
"id": "IPSecVpnIkeTrafficStatistics",
"module_id": "PolicyVPNStatistics",
"properties": {
"bytes_in": {
"description": "The total number of IKE packet bytes received.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "The total number of IKE packet bytes sent.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"fail_count": {
"description": "The total number of IKE packets dropped.",
"readonly": true,
"title": "Fail count",
"type": "integer"
},
"packets_in": {
"description": "The total number of IKE packets received.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "The total number of IKE packets sent.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IKE traffic statistics",
"type": "object"
}
IPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope attribute at the corresponding LM. Local endpoint without any scope will be realized on all sites. The scope attribute is applicable only on GM not on LM.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_path": {
"description": "Policy path referencing site certificate.",
"title": "Certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_address": {
"$ref": "IPAddress",
"description": "IPv4 or IPv6 Address of local endpoint. Please note that configuring local_address as IPv6 address is not supported in the deprecated IPSecVpnLocalEndpoint Patch/PUT APIs.",
"required": true,
"title": "IPv4 or IPv6 Address of local endpoint"
},
"local_id": {
"description": "Local identifier.",
"title": "Local identifier",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Scope attribute refers to the Policy path identifying the LocaleService of specific site where all the local end point configurations will be realized. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope at the corresponding LM. Local endpoint without any scope will be realized on all sites. This attribute will not be applicable on LM.",
"required": false,
"title": "scope identify the site to which LocalEndpoint configuration associated with. Applicable only in GM",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_LOCALE_SERVICE_RELATIONSHIP",
"rightType": [
"LocaleServices"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_ca_paths": {
"description": "List of policy paths referencing certificate authority (CA) to verify peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate authority (CA) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"trust_crl_paths": {
"description": "List of policy paths referencing certificate revocation list (CRL) to peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate revocation list (CRL) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CRL_RELATIONSHIP",
"rightType": [
"TlsCrl"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Local Endpoint",
"type": "object"
}
IPSecVpnLocalEndpointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnLocalEndpoint.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnLocalEndpointListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnLocalEndpoint list request parameters",
"type": "object"
}
IPSecVpnLocalEndpointListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnLocalEndpoint.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnLocalEndpointListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnLocalEndpoint list results.",
"items": {
"$ref": "IPSecVpnLocalEndpoint"
},
"required": true,
"title": "IPSecVpnLocalEndpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnLocalEndpoint",
"type": "object"
}
IPSecVpnRule (type)
{
"additionalProperties": false,
"description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy\u2019s match criteria.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnRule",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"default": "PROTECT",
"description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"readonly": true,
"title": "Action to be applied",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of IPv4 or IPv6 peer subnets. Specifying no value is interpreted as 0.0.0.0/0, ::/0. The maximum number of IPv4 or IPv6 local subnets allowed is 128 Please note that configuring IPv6 peer subnets is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "IPSecVpnSubnet"
},
"maxItems": 256,
"required": false,
"title": "Destination list",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A flag to enable/disable the rule.",
"title": "Enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "A flag to enable/disable the logging for the rule.",
"title": "Logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "A sequence number is used to give a priority to an IPSecVpnRule.",
"minimum": 0,
"required": false,
"title": "Sequence number of the IPSecVpnRule",
"type": "int"
},
"sources": {
"description": "List of IPv4 or IPv6 local subnets. Specifying no value is interpreted as 0.0.0.0/0, ::/0. The maximum number of IPv4 or IPv6 local subnets allowed is 128 Please note that configuring IPv6 local subnets is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "IPSecVpnSubnet"
},
"maxItems": 256,
"required": false,
"title": "Source list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Rule",
"type": "object"
}
IPSecVpnService (type)
{
"additionalProperties": false,
"description": "Create and manage IPSec VPN service under tier-0/tier-1.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"policy_hierarchical_children": [
"ChildIPSecVpnLocalEndpoint",
"ChildIPSecVpnSession"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bypass_rules": {
"description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.",
"items": {
"$ref": "IPSecVpnRule"
},
"required": false,
"title": "Bypass Policy rules",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable VPN services under tier-0/tier-1.",
"title": "Enable virtual private network (VPN) service",
"type": "boolean"
},
"ha_sync": {
"default": true,
"description": "Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled if in case there are performance issues w.r.t. the state sync messages.",
"title": "Flag to enable IPSec HA State Sync",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN service",
"type": "object"
}
IPSecVpnServiceListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnService.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnServiceListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnService list request parameters",
"type": "object"
}
IPSecVpnServiceListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnService.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnServiceListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnService list results.",
"items": {
"$ref": "IPSecVpnService"
},
"required": true,
"title": "IPSecVpnService list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnService",
"type": "object"
}
IPSecVpnSession (type)
{
"abstract": true,
"additionalProperties": false,
"description": "VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"$ref": "IPAddress",
"description": "Public IPV4 or IPV6 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. Please note that configuring peer_address as IPv6 address is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"required": false,
"title": "IPV4 or IPV6 address of peer endpoint on remote site"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType",
"required": true
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride"
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping",
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN session",
"type": "object"
}
IPSecVpnSessionListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnSession.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnSessionListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnSession list request parameters",
"type": "object"
}
IPSecVpnSessionListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnSession.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnSessionListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnSession list results.",
"items": {
"$ref": "IPSecVpnSession"
},
"required": true,
"title": "IPSecVpnSession list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnSession",
"type": "object"
}
IPSecVpnSessionResourceType (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"enum": [
"PolicyBasedIPSecVpnSession",
"RouteBasedIPSecVpnSession"
],
"id": "IPSecVpnSessionResourceType",
"module_id": "PolicyVpnIPSecVpn",
"title": "Resource types of IPsec VPN session",
"type": "string"
}
IPSecVpnSessionStatisticsNsxT (type)
{
"additionalProperties": false,
"description": "Provides the following details for an IPSec VPN session for a given enforcement point: - <b>Aggregated IPSec tunnel statistics</b> which includes the number of incoming, outgoing and dropped packet counters since the time the tunnels are UP. - <b>Aggregated IPSec tunnel statistics under a policy</b> which includes the number of incoming, outgoing and dropped packet counters of all IPSec tunnels under the policy since the time the tunnels are UP. - <b>Individual tunnel statistics under a policy</b> which includes the number of incoming, outgoing and dropped packet counters. It also provides details of errors and failures causing the drops since the time the tunnel is UP. - Tunnel subnet details and state of all individual tunnels under a policy. - Alarm information details. - VPN session name. - IKE status summary. Note: IKE traffic statistics are not supported.",
"extends": {
"$ref": "IPSecVpnSessionStatisticsPerEP"
},
"id": "IPSecVpnSessionStatisticsNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnSessionStatisticsNsxT"
},
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVpnTrafficCounters",
"description": "Provides the aggregated traffic statistics of all IPSec tunnels since the time the tunnels are UP. It includes the number of incoming, outgoing and dropped packet counters.",
"readonly": true,
"title": "IPSec VPN traffic summary"
},
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display Name of vpn session.",
"readonly": true,
"title": "Display Name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"ike_status": {
"$ref": "IPSecVpnIkeSessionStatus",
"description": "Status for IPSec VPN Ike session UP/DOWN and fail reason if Ike session is down.",
"readonly": true,
"title": "Ike status summary"
},
"ike_traffic_statistics": {
"$ref": "IPSecVpnIkeTrafficStatistics",
"description": "Provides the aggregated IKE control plane statistics for an IPSec VPN session. It includes the number of incoming, outgoing and dropped packet counters. Note: IKE traffic statistics are not supported.",
"readonly": true,
"title": "IKE traffic statistics"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"policy_statistics": {
"description": "Provides the aggregated traffic statistics of all IPSec tunnels under a policy and individual tunnel statistics associated with the policy. It includes the number of incoming, outgoing and dropped packet counters and, the number of errors and failures causing the drops. The counters are from the time the tunnels are UP. The individual tunnel subnets and state along with policy path referencing the IPSec VPN Rule and IPSec VPN Tunnel Interface are also available.",
"items": {
"$ref": "IpSecVpnPolicyTrafficStatistics"
},
"readonly": true,
"title": "Policy traffic statistics",
"type": "array"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatisticsNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN session statistics",
"type": "object"
}
IPSecVpnSessionStatisticsPerEP (type)
{
"abstract": true,
"description": "IPSec VPN Session Statistics Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP"
},
"id": "IPSecVpnSessionStatisticsPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatisticsNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN Session Statistics Per Enforcement Point",
"type": "object"
}
IPSecVpnSessionStatusNsxT (type)
{
"additionalProperties": false,
"description": "IPSec VPN Session Status represents status on an NSX-T type of enforcement point.",
"extends": {
"$ref": "IPSecVpnSessionStatusPerEP"
},
"id": "IPSecVpnSessionStatusNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnSessionStatusNsxT"
},
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVpnTrafficCounters",
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display Name of vpn session.",
"readonly": true,
"title": "Display Name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"failed_tunnels": {
"description": "Number of failed tunnels.",
"readonly": true,
"title": "Failed tunnels",
"type": "integer"
},
"ike_status": {
"$ref": "IPSecVpnIkeSessionStatus",
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp",
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"negotiated_tunnels": {
"description": "Number of negotiated tunnels.",
"readonly": true,
"title": "Negotiated tunnels",
"type": "integer"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatusNsxT"
],
"required": true,
"type": "string"
},
"runtime_status": {
"description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.",
"enum": [
"UP",
"DOWN",
"DEGRADED"
],
"readonly": true,
"title": "Session Runtime Status",
"type": "string"
},
"total_tunnels": {
"description": "Total number of tunnels.",
"readonly": true,
"title": "Total tunnels",
"type": "integer"
}
},
"title": "IPSec VPN session traffic summary",
"type": "object"
}
IPSecVpnSessionStatusPerEP (type)
{
"abstract": true,
"description": "IPSec VPN Session Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP"
},
"id": "IPSecVpnSessionStatusPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm",
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatusNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN Session Status Per Enforcement Point",
"type": "object"
}
IPSecVpnSubnet (type)
{
"additionalProperties": false,
"description": "Used to specify the local/peer subnets in IPSec VPN rule.",
"id": "IPSecVpnSubnet",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"subnet": {
"$ref": "IPCIDRBlock",
"description": "Subnet used in policy rule.",
"required": true,
"title": "IPv4/IPv6 Peer or local subnet"
}
},
"title": "Subnet for IPSec Policy based VPN",
"type": "object"
}
IPSecVpnTrafficCounters (type)
{
"additionalProperties": false,
"description": "Provides the following traffic statistics for IPSec VPN tunnels since the time the tunnels are UP: - Incoming packet count. - Outgoing packet count. - Dropped packet count.",
"id": "IPSecVpnTrafficCounters",
"module_id": "PolicyVPNStatistics",
"properties": {
"bytes_in": {
"description": "The total number of traffic bytes received on the inbound security association.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "The total number of traffic bytes sent on the outbound security association.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"dropped_packets_in": {
"description": "The total number of incoming packets dropped on the inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "The total number of outgoing packets dropped on the outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"packets_in": {
"description": "The total number of packets received on the inbound security association.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "The total number of packets sent on the outbound security association.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN traffic counters",
"type": "object"
}
IPSecVpnTransportStatus (type)
{
"additionalProperties": false,
"description": "Provides IPSec VPN session status.",
"extends": {
"$ref": "L2VPNSessionTransportTunnelStatus"
},
"id": "IPSecVpnTransportStatus",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnTransportStatus"
},
"properties": {
"resource_type": {
"enum": [
"IPSecVpnTransportStatus"
],
"required": true,
"type": "string"
},
"session_status": {
"$ref": "IPSecVpnSessionStatusNsxT",
"readonly": true,
"title": "IPSec VPN Session status"
},
"transport_tunnel_path": {
"description": "Policy path referencing Transport Tunnel.",
"readonly": true,
"title": "Policy path referencing Transport Tunnel",
"type": "string"
}
},
"title": "IPSec VPN Session status",
"type": "object"
}
IPSecVpnTunnelInterface (type)
{
"additionalProperties": false,
"description": "IP tunnel interface configuration.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnTunnelInterface",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_subnets": {
"description": "IP Tunnel interface (commonly referred as VTI) subnet. Supports assigning both IPv4 and IPV6 subnets to VTI. If two IPs are provided for VTI, both cannot be of same IP versions. Please note that configuring IPv6 subnets to VTI is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "TunnelInterfaceIPSubnet"
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "IP Tunnel interface subnet",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP tunnel interface configuration",
"type": "object"
}
IPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"df_policy": {
"default": "COPY",
"description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.",
"enum": [
"COPY",
"CLEAR"
],
"title": "Policy for handling defragmentation bit",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup"
},
"title": "Dh group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".",
"items": {
"$ref": "IPSecDigestAlgorithm"
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "IPSecEncryptionAlgorithm"
},
"title": "Encryption algorithm to use in IPSec tunnel establishement",
"type": "array"
},
"extended_attributes": {
"description": "Collection of type specific properties. As of now, to hold encapsulation mode and transform protocol.",
"items": {
"$ref": "AttributeVal"
},
"readonly": true,
"required": false,
"title": "Extended Attributes.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 3600,
"description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.",
"maximum": 31536000,
"minimum": 900,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN tunnel profile",
"type": "object"
}
IPSecVpnTunnelProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnTunnelProfile.",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IPSecVpnTunnelProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnTunnelProfile list request parameters",
"type": "object"
}
IPSecVpnTunnelProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnTunnelProfile.",
"extends": {
"$ref": "ListResult"
},
"id": "IPSecVpnTunnelProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnTunnelProfile list results.",
"items": {
"$ref": "IPSecVpnTunnelProfile"
},
"required": true,
"title": "IPSecVpnTunnelProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnTunnelProfile",
"type": "object"
}
IPSet (type)
{
"additionalProperties": false,
"description": "IPSet is used to group individual IP addresses, range of IP addresses or subnets. An IPSet is a homogeneous group of IP addresses, either of type IPv4 or of type IPv6. IPSets can be used as source or destination in firewall rules. These can also be used as members of NSGroups.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IPSet",
"module_id": "IPSet",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPElement"
},
"maxItems": 4000,
"required": false,
"title": "IP addresses",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Set of one or more IP addresses",
"type": "object"
}
IPSetDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters"
},
"id": "IPSetDeleteRequestParameters",
"module_id": "IPSet",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "IPSet delete request parameters",
"type": "object"
}
IPSetListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters"
},
"id": "IPSetListRequestParameters",
"module_id": "IPSet",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSet list request parameters",
"type": "object"
}
IPSetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IPSetListResult",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSet"
},
"required": true,
"title": "IPSet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IPSets",
"type": "object"
}
IPSubnet (type)
{
"additionalProperties": false,
"id": "IPSubnet",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_addresses": {
"description": "All IP addresses, some of which may be automatically configured. When updating this field, the payload may contain only the IP addresses that should be changed, or may contain the IP addresses to change as well as the automatically assigned addresses. Currently, only one updatable address and one system-maintained address are supported. Currently, the system-maintained address supported is Extended Unique Identifier(EUI)-64 address. EUI-64 address is generated by the system only when user configured ip-subnet has prefix length less than or equal to 64.",
"items": {
"$ref": "IPAddress"
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "IP Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPsecVPNIKESessionSummary (type)
{
"additionalProperties": false,
"description": "Provides the below summary of session status for all IPSec VPN sessions: - Total number of sessions configured. - Total number of failed sessions. - Total number of degraded sessions. - Total number of established sessions.",
"id": "IPsecVPNIKESessionSummary",
"module_id": "VPNStatistics",
"properties": {
"degraded_sessions": {
"description": "The number of degraded IPSec VPN sessions.",
"readonly": true,
"title": "Degraded sessions",
"type": "integer"
},
"established_sessions": {
"description": "The number of established IPSec VPN sessions.",
"readonly": true,
"title": "Established sessions",
"type": "integer"
},
"failed_sessions": {
"description": "The number of failed IPSec VPN sessions.",
"readonly": true,
"title": "Failed sessions",
"type": "integer"
},
"total_sessions": {
"description": "The total number of IPSec VPN sessions configured.",
"readonly": true,
"title": "Total sessions",
"type": "integer"
}
},
"title": "IPSec VPN session status summary",
"type": "object"
}
IPv4Address (type)
{
"format": "ipv4",
"id": "IPv4Address",
"module_id": "Common",
"title": "IPv4 address",
"type": "string"
}
IPv4AddressProperties (type)
{
"additionalProperties": false,
"id": "IPv4AddressProperties",
"properties": {
"ip_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface IPv4 address",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface netmask",
"type": "string"
}
},
"title": "IPv4 address properties",
"type": "object"
}
IPv4CIDRBlock (type)
{
"format": "ipv4-cidr-block",
"id": "IPv4CIDRBlock",
"module_id": "Common",
"title": "IPv4 CIDR Block",
"type": "string"
}
IPv4DhcpServer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP server to support IPv4 DHCP service. Properties defined at DHCP server level can be overridden by ip-pool or static-binding level properties.",
"id": "IPv4DhcpServer",
"module_id": "Dhcp",
"properties": {
"dhcp_server_ip": {
"$ref": "IPv4CIDRBlock",
"description": "DHCP server ip in CIDR format.",
"required": true,
"title": "DHCP server ip in CIDR format"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv4Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_name": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"format": "hostname",
"required": false,
"title": "Domain name",
"type": "string"
},
"gateway_ip": {
"$ref": "IPv4Address",
"description": "Gateway ip to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"required": false,
"title": "Gateway ip"
},
"monitor_ippool_usage": {
"default": false,
"description": "Enable or disable monitoring of DHCP ip-pools usage. When enabled, system events are generated when pool usage exceeds the configured thresholds. System events can be viewed in REST API /api/v2/hpm/alarms",
"required": false,
"title": "Enable/disable monitoring DHCP ip-pool usage",
"type": "boolean"
},
"options": {
"$ref": "DhcpOptions",
"description": "Defines the default options for all ip-pools and static-bindings of this server. These options will be ignored if options are defined for ip-pools or static-bindings.",
"required": false,
"title": "DHCP options"
}
},
"title": "DHCP server to support IPv4 DHCP service",
"type": "object"
}
IPv4DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv4 related discovery options.",
"id": "IPv4DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_snooping_config": {
"$ref": "ArpSnoopingConfig",
"description": "Indicates ARP snooping options",
"required": false,
"title": "ARP snooping configuration"
},
"dhcp_snooping_enabled": {
"default": true,
"description": "Indicates whether DHCP snooping is enabled",
"required": false,
"title": "Is DHCP snooping enabled or not",
"type": "boolean"
},
"vmtools_enabled": {
"default": true,
"description": "Indicates whether fetching IP using vm-tools is enabled. This option is only supported on ESX where vm-tools is installed.",
"required": false,
"title": "Is VM tools enabled or not",
"type": "boolean"
}
},
"title": "IPv4 discovery options",
"type": "object"
}
IPv4Subnet (type)
{
"additionalProperties": false,
"id": "IPv4Subnet",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv4Address"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IPv4 Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 64,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPv6Address (type)
{
"format": "ipv6",
"id": "IPv6Address",
"module_id": "Common",
"title": "IPv6 address",
"type": "string"
}
IPv6AddressProperties (type)
{
"additionalProperties": false,
"id": "IPv6AddressProperties",
"properties": {
"ip6_address": {
"pattern": "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Interface IPv6 address",
"type": "string"
},
"ip6_gateway": {
"pattern": "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "IPv6 Gateway",
"type": "string"
},
"prefixlen": {
"title": "Prefix length",
"type": "integer"
}
},
"title": "IPv6 address properties",
"type": "object"
}
IPv6CIDRBlock (type)
{
"format": "ipv6-cidr-block",
"id": "IPv6CIDRBlock",
"module_id": "Common",
"title": "IPv6 CIDR Block",
"type": "string"
}
IPv6DADStatus (type)
{
"additionalProperties": false,
"id": "IPv6DADStatus",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_address": {
"$ref": "IPAddress",
"description": "IP address on the port for which DAD status is reported.",
"readonly": true,
"required": false,
"title": "IP address"
},
"status": {
"$ref": "DADStatus",
"description": "DAD status for IP address on the port.",
"readonly": true,
"required": false,
"title": "DAD Status"
},
"transport_node": {
"description": "Array of transport node id on which DAD status is reported for given IP address.",
"items": {
"$ref": "ResourceReference"
},
"readonly": true,
"required": false,
"title": "Transport node",
"type": "array"
}
},
"title": "IPv6 DAD status",
"type": "object"
}
IPv6DhcpServer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP server to support IPv6 DHCP service. Properties defined at DHCP server level can be overridden by ip-pool or static-binding level properties.",
"id": "IPv6DhcpServer",
"module_id": "Dhcp",
"properties": {
"dhcp_server_ip": {
"$ref": "IPv6CIDRBlock",
"description": "DHCP server ip in CIDR format.",
"required": false,
"title": "DHCP server ip in CIDR format"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"server_id": {
"description": "DHCP server id.",
"readonly": true,
"required": false,
"title": "DHCP server id",
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
}
},
"title": "DHCP server to support IPv6 DHCP service",
"type": "object"
}
IPv6DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv6 related discovery options.",
"id": "IPv6DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"dhcp_snooping_v6_enabled": {
"default": false,
"description": "Enable this method will snoop the DHCPv6 message transaction which a VM makes with a DHCPv6 server. From the transaction, we learn the IPv6 addresses assigned by the DHCPv6 server to this VM along with its lease time.",
"required": false,
"title": "Is DHCP snoping v6 enabled or not",
"type": "boolean"
},
"nd_snooping_config": {
"$ref": "NdSnoopingConfig",
"description": "Indicates ND snooping options",
"required": false,
"title": "ND snooping configuration"
},
"vmtools_v6_enabled": {
"default": false,
"description": "Enable this method will learn the IPv6 addresses which are configured on interfaces of a VM with the help of the VMTools software.",
"required": false,
"type": "boolean"
}
},
"title": "IPv6 discovery options",
"type": "object"
}
IPv6EndPoint (type)
{
"description": "IPv6 virtual tunnel end point",
"id": "IPv6EndPoint",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"properties": {
"default_gateway": {
"$ref": "IPAddress",
"readonly": true,
"title": "Default gateway for IPv6"
},
"ipv6": {
"$ref": "IPAddress",
"description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.",
"readonly": true,
"title": "IPv6 Address of this virtual tunnel endpoint"
},
"prefix_length": {
"readonly": true,
"title": "Prefix length for IPv6",
"type": "string"
}
},
"title": "IPv6 end point",
"type": "object"
}
IPv6Profiles (type)
{
"additionalProperties": false,
"id": "IPv6Profiles",
"module_id": "LogicalRouter",
"properties": {
"dad_profile_id": {
"description": "Identifier of Duplicate Address Detection profile. DAD profile has various configurations related to duplicate address detection. If no profile is associated manually to the router, then the system defined default DAD profile will be automatically applied.",
"required": false,
"title": "DAD profile identifier",
"type": "string"
},
"ndra_profile_id": {
"description": "Identifier of Neighbor Discovery Router Advertisement profile. NDRA profile has various configurations required for router advertisement. If no profile is associated manually to the router, then the system defined default NDRA profile will be automatically applied.",
"required": false,
"title": "NDRA profile identifier",
"type": "string"
}
},
"type": "object"
}
IPv6Status (type)
{
"additionalProperties": false,
"id": "IPv6Status",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connected_segment_path": {
"description": "Path of the segment attached to the interface.",
"readonly": true,
"required": false,
"title": "Connected segment path",
"type": "string"
},
"dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the interface.",
"items": {
"$ref": "IPv6DADStatus"
},
"readonly": true,
"title": "IPv6 DAD status",
"type": "array"
},
"interface_id": {
"description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.",
"title": "Policy path or realization ID of interface",
"type": "string"
},
"tier0_gateway": {
"description": "Tier-0 Gateway this router Link belongs to.",
"title": "Tier-0 Gateway",
"type": "string"
},
"tier1_gateway": {
"description": "Tier-1 Gateway this router Link belongs to.",
"title": "Tier-1 Gateway",
"type": "string"
}
},
"title": "IPv6 status",
"type": "object"
}
IPv6Subnet (type)
{
"additionalProperties": false,
"id": "IPv6Subnet",
"module_id": "PolicyEdgeTransportNode",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv6Address"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IPv6 Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IcmpEchoRequestHeader (type)
{
"additionalProperties": false,
"id": "IcmpEchoRequestHeader",
"module_id": "Traceflow",
"properties": {
"id": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP id",
"type": "integer"
},
"sequence": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP sequence number",
"type": "integer"
}
},
"type": "object"
}
Icon (type)
{
"additionalProperties": false,
"description": "Icon to be applied at dashboard for widgets and UI elements.",
"id": "Icon",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"color": {
"description": "Icon color applied to icon in hex format.",
"title": "Icon color applied to icon in hex format",
"type": "string"
},
"placement": {
"default": "PRE",
"description": "If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element.",
"enum": [
"PRE",
"POST"
],
"title": "Position at which to display icon, if any",
"type": "string"
},
"size": {
"description": "Icon size in unit applied to icon.A unit can be specified by the 'size_unit' property.",
"minimum": 1,
"title": "Icon size in unit",
"type": "number"
},
"size_unit": {
"description": "Icon size unit applied to icon along with size. if 'size' property value is provided and no value is provided for this property then default value for this proerty is set to 'px'.",
"enum": [
"px",
"rem",
"pc"
],
"title": "Icon size unit in rem/px/pc",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the icon.",
"items": {
"$ref": "Tooltip"
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"description": "Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered. or else custom svg icon name can be given.",
"title": "Type of icon",
"type": "string"
}
},
"title": "Icon",
"type": "object"
}
IdentityFirewallAdStore (type)
{
"extends": {
"$ref": "IdentityFirewallStore"
},
"id": "IdentityFirewallAdStore",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"type-identifier": "IdentityFirewallAdStore"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"base_distinguished_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "IdentityFirewallStore base distinguished name",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "IdentityFirewallStore Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreEventLogServer"
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of IdentityFirewallStore",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "IdentityFirewallStore LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreLdapServer"
},
"maxItems": 50,
"required": true,
"title": "LDAP server of IdentityFirewallStore",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"name": {
"description": "IdentityFirewallStore name which best describes the Directory domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "IdentityFirewallStore name",
"type": "string"
},
"netbios_name": {
"description": "NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.",
"required": true,
"title": "IdentityFirewallStore NETBIOS name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, IdentityFirewallAdStore is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"IdentityFirewallAdStore"
],
"required": true,
"title": "IdentityFirewallStore resource type",
"type": "string"
},
"selective_sync_settings": {
"$ref": "SelectiveSyncSettings",
"description": "SelectiveSync settings toggle the SelectiveSync feature and selected OrgUnits. If this is not specified, SelectiveSync is disabled by default.",
"required": false,
"title": "SelectiveSync settings"
},
"sync_settings": {
"$ref": "DirectoryDomainSyncSettings",
"description": "Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.",
"required": false,
"title": "IdentityFirewallStore sync settings"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Active IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStore (type)
{
"abstract": true,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdentityFirewallStore",
"module_id": "PolicyIdentity",
"policy_hierarchical_children": [
"ChildIdentityFirewallStoreEventLogServer",
"ChildIdentityFirewallStoreLdapServer"
],
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "IdentityFirewallStore Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreEventLogServer"
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of IdentityFirewallStore",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "IdentityFirewallStore LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreLdapServer"
},
"maxItems": 50,
"required": true,
"title": "LDAP server of IdentityFirewallStore",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"name": {
"description": "IdentityFirewallStore name which best describes the Directory domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "IdentityFirewallStore name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, IdentityFirewallAdStore is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"IdentityFirewallAdStore"
],
"required": true,
"title": "IdentityFirewallStore resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreEventLogServer (type)
{
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdentityFirewallStoreEventLogServer",
"module_id": "PolicyIdentity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "IdentityFirewallStore name which best describes the IdentityFirewallStore. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for IdentityFirewallStore name among different IdentityFirewallStores.",
"required": false,
"title": "IdentityFirewallStore name",
"type": "string"
},
"host": {
"description": "Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching.",
"format": "hostname-or-ip",
"required": true,
"title": "Event log server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "IdentityFirewallStore event log server connection password.",
"required": false,
"sensitive": true,
"title": "Event log server password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "DirectoryEventLogServerStatus",
"description": "Event log server connection status object",
"required": false,
"title": "Event log server connection status"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"username": {
"description": "Directory event log server connection user name.",
"required": false,
"title": "Event log server username",
"type": "string"
}
},
"title": "Event log server of IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreLdapServer (type)
{
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdentityFirewallStoreLdapServer",
"module_id": "PolicyIdentity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_path": {
"description": "IdentityFirewallStore LDAP server certificate used in secure LDAPS connection.",
"nsx_feature": "IdfwLdapLoadBalancer",
"required": false,
"title": "LDAP server certificate",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IdentityFirewallStoreLdapServer"
],
"relationshipType": "LDAP_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "IdentityFirewallStore name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for IdentityFirewallStore name among different IdentityFirewallStores.",
"required": false,
"title": "IdentityFirewallStore name",
"type": "string"
},
"host": {
"description": "IdentityFirewallStore LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.",
"format": "hostname-or-ip",
"required": true,
"title": "LDAP server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "IdentityFirewallStore LDAP server connection password.",
"required": false,
"sensitive": true,
"title": "LDAP server password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port": {
"default": 389,
"description": "IdentityFirewallStore LDAP server connection TCP/UDP port.",
"max": 65535,
"min": 1,
"required": false,
"title": "LDAP server TCP/UDP port",
"type": "integer"
},
"protocol": {
"default": "LDAP",
"description": "IdentityFirewallStore LDAP server connection protocol which is either LDAP or LDAPS.",
"enum": [
"LDAP",
"LDAPS"
],
"required": false,
"title": "LDAP server protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"deprecated": true,
"deprecation_advice": "<br> Use certificate instead of thumbprint.",
"description": "IdentityFirewallStore LDAP server certificate thumbprint used in secure LDAPS connection.",
"required": false,
"title": "LDAP server certificate thumbprint using SHA-256 algorithm",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_certificate": {
"description": "This flag helps in deciding whether to use thumbprint or certificate.",
"nsx_feature": "IdfwLdapLoadBalancer",
"required": false,
"title": "Flag for certificate usage",
"type": "boolean"
},
"username": {
"description": "IdentityFirewallStore LDAP server connection user name.",
"required": false,
"title": "LDAP server username",
"type": "string"
}
},
"title": "LDAP server of directory domain",
"type": "object"
}
IdentityFirewallStoreLdapServerListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdentityFirewallStoreLdapServerListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStoreLdapServer"
},
"maxItems": 50,
"required": true,
"title": "List of directory domain LDAP servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of FirewallIdentityStore LDAP servers",
"type": "object"
}
IdentityFirewallStoreListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdentityFirewallStoreListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStore"
},
"maxItems": 500,
"required": true,
"title": "List of IdentityFirewallStores",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreUserOrGroup (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "IdentityFirewallStoreUserOrGroup",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "IdentityFirewallStore user or group distinguished name",
"type": "string"
},
"domain_id": {
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"required": true,
"title": "IdentityFirewallStore domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"required": true,
"title": "IdentityFirewallStore user or group resource type for this domain",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IdentityFirewallStore User or Group",
"type": "object"
}
IdentityFirewallStoreUserOrGrouptListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdentityFirewallStoreUserOrGrouptListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStoreUserOrGroup"
},
"required": true,
"title": "IdentityFirewallStoreUserOrGroup list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IdentityGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing Identity Group external ID and enforcement point path",
"extends": {
"$ref": "RealizationListRequestParameters"
},
"id": "IdentityGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"identity_group_external_id": {
"required": true,
"title": "Identity Group external ID",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing Identity Group external ID and enforcement point path",
"type": "object"
}
IdentityGroupExpression (type)
{
"additionalProperties": false,
"description": "Represents a list of identity group (Ad group SID) expressions.",
"extends": {
"$ref": "Expression"
},
"id": "IdentityGroupExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IdentityGroupExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"identity_groups": {
"description": "This array consists of set of identity group object. All members within this array are implicitly OR'ed together.",
"items": {
"$ref": "IdentityGroupInfo"
},
"maxItems": 500,
"minItems": 1,
"required": true,
"title": "Array of identity group",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression",
"GeoLocationExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IdentityGroup expression node",
"type": "object"
}
IdentityGroupInfo (type)
{
"id": "IdentityGroupInfo",
"module_id": "PolicyIdentity",
"properties": {
"distinguished_name": {
"description": "Each LDAP object is uniquely identified by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com. A valid fully qualified distinguished name should be provided to include specific groups else the create / update realization of the Group containing an invalid/ partial DN will fail. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.",
"required": true,
"title": "LDAP distinguished name",
"type": "string"
},
"domain_base_distinguished_name": {
"description": "This is the base distinguished name for the domain where this particular group resides. (e.g. dc=example,dc=com) Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Identity (Directory) domain base distinguished name",
"type": "string"
},
"sid": {
"description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components: The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. This field is only populated for Microsoft Active Directory identity store.",
"required": false,
"title": "Identity (Directory) Group SID (security identifier)",
"type": "string"
}
},
"title": "Identity (Directory) group",
"type": "object"
}
IdentitySourceLdapServer (type)
{
"description": "Information about a single LDAP server.",
"id": "IdentitySourceLdapServer",
"module_id": "LdapIdentitySources",
"properties": {
"bind_identity": {
"description": "A username used to authenticate to the directory when admnistering roles in NSX. This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. [email protected]) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).",
"title": "Username or DN for LDAP authentication",
"type": "string"
},
"certificates": {
"description": "If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.",
"items": {
"type": "string"
},
"title": "TLS certificate(s) for LDAP server(s)",
"type": "array"
},
"enabled": {
"default": true,
"description": "Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users.",
"title": "If true, this LDAP server is enabled",
"type": "boolean"
},
"password": {
"description": "A password used when authenticating to the directory.",
"sensitive": true,
"title": "Username for LDAP authentication",
"type": "secure_string"
},
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Enable/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server",
"type": "object"
}
IdentitySourceLdapServerEndpoint (type)
{
"description": "Information about a single LDAP server endpoint.",
"id": "IdentitySourceLdapServerEndpoint",
"module_id": "LdapIdentitySources",
"properties": {
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Enable/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server endpoint",
"type": "object"
}
IdentitySourceLdapServerProbeResult (type)
{
"description": "The results of probing an individual LDAP server.",
"id": "IdentitySourceLdapServerProbeResult",
"module_id": "LdapIdentitySources",
"properties": {
"errors": {
"description": "Detail about errors encountered during the probe.",
"items": {
"$ref": "LdapProbeError"
},
"title": "Error details",
"type": "array"
},
"result": {
"description": "Overall result of the probe. If the probe was able to connect to the LDAP service, authenticate using the provided credentials, and perform searches of the configured user and group search bases without error, the result is SUCCESS. Otherwise, the result is FAILURE, and additional details may be found in the errors property.",
"enum": [
"SUCCESS",
"FAILURE"
],
"title": "Overall result",
"type": "string"
},
"url": {
"description": "THe URL of the probed LDAP host.",
"title": "LDAP Server URL",
"type": "string"
}
},
"title": "Results from one LDAP server probe",
"type": "object"
}
IdfwComputeCollectionCondition (type)
{
"description": "Status of the Identity Firewall enabled Compute collection.",
"id": "IdfwComputeCollectionCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DFW_DISABLED",
"IDFW_ENABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "IDFW enabled Compute collection status.",
"type": "string"
},
"status_detail": {
"description": "Status of the Compute collection.",
"required": false,
"title": "Compute collection status.",
"type": "string"
}
},
"title": "IDFW Compute collection status.",
"type": "object"
}
IdfwComputeCollectionListResult (type)
{
"description": "List of compute collection ids and status connected to VC.",
"extends": {
"$ref": "ListResult"
},
"id": "IdfwComputeCollectionListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of IDFW compute collection Ids and status connected to VC.",
"items": {
"$ref": "IdfwComputeCollectionStatus"
},
"required": true,
"title": "List of IDFW ComputeCollection.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IDFW enabled compute collections connected to VC",
"type": "object"
}
IdfwComputeCollectionStatus (type)
{
"description": "compute collection ID and status connected to VC.",
"id": "IdfwComputeCollectionStatus",
"module_id": "IdentityFirewall",
"properties": {
"compute_collection_id": {
"description": "IDFW compute collection ID connected to VC.",
"required": true,
"title": "IDFW compute collection ID.",
"type": "string"
},
"compute_collection_status": {
"description": "IDFW enabled compute collection status.",
"items": {
"$ref": "IdfwComputeCollectionCondition"
},
"title": "Compute collection status.",
"type": "array"
}
},
"title": "IDFW compute collection ID and status.",
"type": "object"
}
IdfwDirGroupUserSessionMapping (type)
{
"additionalProperties": false,
"description": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data.",
"id": "IdfwDirGroupUserSessionMapping",
"module_id": "IdentityFirewall",
"properties": {
"dir_group_id": {
"description": "Directory Group ID.",
"readonly": true,
"required": true,
"title": "Directory Group ID",
"type": "string"
},
"user_id": {
"description": "User ID.",
"readonly": true,
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data",
"type": "object"
}
IdfwEnabledComputeCollection (type)
{
"additionalProperties": false,
"description": "Compute collection enabled for Identity Firewall where login events will be collected.",
"extends": {
"$ref": "ManagedResource"
},
"id": "IdfwEnabledComputeCollection",
"module_id": "IdentityFirewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_collection_id": {
"description": "Compute collection ID.",
"required": true,
"title": "Compute collection ID",
"type": "string"
},
"compute_collection_name": {
"description": "Compute collection name.",
"title": "Compute collection name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Compute collection enabled status (true=Enabled / false=Disabled).",
"required": true,
"title": "Enabled/disabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Identity Firewall enabled compute collection",
"type": "object"
}
IdfwEnabledComputeCollectionListResult (type)
{
"additionalProperties": false,
"description": "List of compute collections enabled for IDFW where login events will be collected.",
"extends": {
"$ref": "ListResult"
},
"id": "IdfwEnabledComputeCollectionListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of IDFW Enabled Compute Collections.",
"items": {
"$ref": "IdfwEnabledComputeCollection"
},
"required": true,
"title": "List of IDFW Enabled Compute Collections",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Identity Firewall enabled compute collection list",
"type": "object"
}
IdfwMasterSwitchSetting (type)
{
"description": "Identity Firewall master switch setting. This setting enables or disables Identity Firewall feature across the system. It affects compute collections, hypervisor and virtual machines. This operation is expensive and also has big impact and implication on system perforamce.",
"id": "IdfwMasterSwitchSetting",
"module_id": "IdentityFirewall",
"properties": {
"idfw_master_switch_enabled": {
"description": "IDFW master switch (true=Enabled / false=Disabled).",
"required": true,
"title": "IDFW master switch",
"type": "boolean"
}
},
"title": "Identity Firewall master switch setting",
"type": "object"
}
IdfwNsgroupVmDetailListResult (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single NSGroup.",
"extends": {
"$ref": "ListResult"
},
"id": "IdfwNsgroupVmDetailListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"ns_group_id": {
"readonly": true,
"required": true,
"title": "NSGroup ID",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdfwVmDetail"
},
"required": true,
"title": "List of user login/session data for a single VM",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single NSGroup",
"type": "object"
}
IdfwStandaloneHostsSwitchSetting (type)
{
"description": "Identity Firewall standalone hosts switch setting. This setting enables or disables Identity Firewall feature on all standalone hosts.",
"id": "IdfwStandaloneHostsSwitchSetting",
"module_id": "IdentityFirewall",
"properties": {
"standalone_hosts_enabled": {
"description": "IDFW standalone hosts switch (true=Enabled / false=Disabled).",
"required": true,
"title": "IDFW standalone hosts switch",
"type": "boolean"
}
},
"title": "Identity Firewall standalone hosts switch setting",
"type": "object"
}
IdfwSystemStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall statistics data.",
"id": "IdfwSystemStats",
"module_id": "IdentityFirewall",
"properties": {
"num_concurrent_users": {
"description": "Number of concurrent logged on users (across VDI & RDSH). Multiple logins by the same user is counted as 1.",
"required": true,
"title": "Number of concurrent logged on users (across VDI & RDSH)",
"type": "int"
},
"num_user_sessions": {
"description": "Number of active user sessions/logins in IDFW enabled compute collections (including both UP and DOWN hosts). N sessions/logins by the same user is counted as n.",
"required": true,
"title": "Number of active user sessions/logins",
"type": "int"
}
},
"title": "Identity Firewall statistics data",
"type": "object"
}
IdfwTransportNodeCondition (type)
{
"description": "Status of the Identity Firewall Compute Collection's transport node.",
"id": "IdfwTransportNodeCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"description": "Transport node status for IDFW compute collection.",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"NOT_PREPARED",
"IDFW_COMPONENT_NOT_INSTALLED",
"DFW_DISABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "IDFW TransportNode status.",
"type": "string"
},
"status_detail": {
"description": "IDFW Compute collection's transport node condition.",
"required": false,
"title": "IDFW transport node condition.",
"type": "string"
}
},
"title": "IDFW transport node status.",
"type": "object"
}
IdfwTransportNodeStatus (type)
{
"description": "ID and status of the Identity Firewall enabled Compute collection's transport node.",
"id": "IdfwTransportNodeStatus",
"module_id": "IdentityFirewall",
"properties": {
"transport_node_id": {
"description": "TransportNode ID of the Identity Firewall enabled Compute collection's transport node.",
"required": true,
"title": "IDFW TransportNode ID.",
"type": "string"
},
"transport_node_status": {
"description": "Status of the IDFW transport node.",
"items": {
"$ref": "IdfwTransportNodeCondition"
},
"required": true,
"title": "IDFW TransportNode status.",
"type": "array"
}
},
"title": "IDFW transport node ID and status.",
"type": "object"
}
IdfwTransportNodeStatusListResult (type)
{
"description": "Status of the Identity Firewall enabled Compute collection transport nodes.",
"extends": {
"$ref": "ListResult"
},
"id": "IdfwTransportNodeStatusListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of transport node ids and status for idfw enabled Compute collection.",
"items": {
"$ref": "IdfwTransportNodeStatus"
},
"required": true,
"title": "IDFW enabled Compute collection transport node list.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDFW enabled Compute collection transport node and status list.",
"type": "object"
}
IdfwUserSessionData (type)
{
"additionalProperties": false,
"description": "Identity Firewall user session data on a client machine (typically a VM). Multiple entries for the same user can be returned if the user logins to multiple sessions on the same VM.",
"id": "IdfwUserSessionData",
"module_id": "IdentityFirewall",
"properties": {
"domain_name": {
"description": "AD Domain of user.",
"required": true,
"title": "AD Domain",
"type": "string"
},
"id": {
"description": "Identifier of user session data.",
"readonly": true,
"required": false,
"title": "User session data Identifier",
"type": "string"
},
"login_time": {
"$ref": "EpochMsTimestamp",
"description": "Login time.",
"required": true,
"title": "Login time"
},
"logout_time": {
"$ref": "EpochMsTimestamp",
"description": "Logout time if applicable. An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user.",
"required": false,
"title": "Logout time if applicable"
},
"session_source": {
"description": "User session source can be one of: - GI (Guest Introspection) - ELS (AD Event log server) - LI (Log Insight)",
"enum": [
"GI",
"ELS",
"LI"
],
"readonly": true,
"title": "Source for the user session",
"type": "string"
},
"user_id": {
"description": "AD user ID (may not exist).",
"readonly": true,
"required": false,
"title": "AD user ID (may not exist)",
"type": "string"
},
"user_name": {
"description": "AD user name.",
"required": true,
"title": "AD user name",
"type": "string"
},
"user_session_id": {
"description": "User session ID. This also indicates whether this is VDI / RDSH.",
"required": true,
"title": "User session ID",
"type": "integer"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout events occurred.",
"readonly": true,
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
}
},
"title": "Identity Firewall user session data on client machine",
"type": "object"
}
IdfwUserSessionDataAndMappings (type)
{
"additionalProperties": false,
"description": "Identity Firewall user session data list and Directory Group to user mappings.",
"id": "IdfwUserSessionDataAndMappings",
"module_id": "IdentityFirewall",
"properties": {
"active_user_sessions": {
"items": {
"$ref": "IdfwUserSessionData"
},
"required": true,
"title": "Active user session data list",
"type": "array"
},
"archived_user_sessions": {
"items": {
"$ref": "IdfwUserSessionData"
},
"required": true,
"title": "Archived user session data list",
"type": "array"
},
"dir_group_to_user_session_data_mappings": {
"items": {
"$ref": "IdfwDirGroupUserSessionMapping"
},
"required": true,
"title": "Directory Group to user session data mappings",
"type": "array"
}
},
"title": "Identity Firewall user session data list and Directory Group to user mappings",
"type": "object"
}
IdfwUserStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single user.",
"id": "IdfwUserStats",
"module_id": "IdentityFirewall",
"properties": {
"active_sessions": {
"items": {
"$ref": "IdfwUserSessionData"
},
"required": true,
"title": "List of active (still logged in) user login/sessions data (no limit)",
"type": "array"
},
"archived_sessions": {
"description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.",
"items": {
"$ref": "IdfwUserSessionData"
},
"required": false,
"title": "List of archived (previously logged in) user login/session data",
"type": "array"
},
"user_id": {
"readonly": true,
"required": true,
"title": "AD user Identifier (String ID)",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single user",
"type": "object"
}
IdfwVirtualMachineCondition (type)
{
"description": "Status of the Identity Firewall compute collection's VM.",
"id": "IdfwVirtualMachineCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"VM_TOOLS_NOT_INSTALLED",
"IDFW_NOT_SUPPORTED",
"DFW_DISABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "VM IDFW Status.",
"type": "string"
},
"status_detail": {
"description": "IDFW compute collection's VM condition.",
"required": false,
"title": "IDFW VM condition.",
"type": "string"
}
},
"title": "IDFW VM Status.",
"type": "object"
}
IdfwVirtualMachineStatus (type)
{
"description": "ID and status of the VM on Identity Firewall compute collection.",
"id": "IdfwVirtualMachineStatus",
"module_id": "IdentityFirewall",
"properties": {
"vm_id": {
"description": "VM ID of the VM on Identity Firewall compute collection.",
"required": true,
"title": "IDFW Virtual Machine ID.",
"type": "string"
},
"vm_status": {
"description": "Status of the Identity Firewall compute collection's Virtual Machine.",
"items": {
"$ref": "IdfwVirtualMachineCondition"
},
"required": true,
"title": "IDFW VM status.",
"type": "array"
}
},
"title": "IDFW VM ID and status.",
"type": "object"
}
IdfwVirtualMachineStatusListResult (type)
{
"description": "VM ID and status of the Identity Firewall Compute collection.",
"extends": {
"$ref": "ListResult"
},
"id": "IdfwVirtualMachineStatusListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of VM's on Identity Firewall Compute collection.",
"items": {
"$ref": "IdfwVirtualMachineStatus"
},
"required": true,
"title": "IDFW Virtual machine list.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDFW VM ID and status.",
"type": "object"
}
IdfwVmDetail (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single VM",
"id": "IdfwVmDetail",
"module_id": "IdentityFirewall",
"properties": {
"last_login_user_session": {
"$ref": "ResourceReference",
"description": "Record of the last logged in user session (if exists).",
"required": false,
"title": "Last logged in user and time (if exists)"
},
"user_sessions": {
"description": "List of user session data.",
"items": {
"$ref": "IdfwUserSessionData"
},
"required": true,
"title": "List of user session data",
"type": "array"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.",
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
},
"vm_ip_addresses": {
"description": "List of client machine IP addresses.",
"items": {
"type": "string"
},
"required": false,
"title": "Client VM IP addresses",
"type": "array"
}
},
"title": "Identity Firewall user login/session data for a single VM",
"type": "object"
}
IdfwVmStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single VM.",
"id": "IdfwVmStats",
"module_id": "IdentityFirewall",
"properties": {
"active_sessions": {
"items": {
"$ref": "IdfwUserSessionData"
},
"required": true,
"title": "List of active (still logged in) user login/sessions data (no limit)",
"type": "array"
},
"archived_sessions": {
"description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.",
"items": {
"$ref": "IdfwUserSessionData"
},
"required": false,
"title": "Optional list of archived (previously logged in) user login/session data (maximum 5)",
"type": "array"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.",
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single VM",
"type": "object"
}
IdsClusterConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to activate/deactivate IDS on cluster level.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsClusterConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster": {
"$ref": "PolicyResourceReference",
"description": "Contains policy resource reference object",
"readonly": false,
"required": true,
"title": "PolicyResourceReference"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on the respective cluster",
"readonly": false,
"required": true,
"title": "Ids enabled flag",
"type": "boolean"
},
"is_stale": {
"description": "If set to true, this cluster has been deleted from NSX.",
"readonly": true,
"title": "Cluster stale flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System cluster configuration",
"type": "object"
}
IdsClusterConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RealizationListRequestParameters"
},
"id": "IdsClusterConfigListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS cluster config request parameters",
"type": "object"
}
IdsClusterConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsClusterConfigListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsClusterConfig"
},
"required": true,
"title": "Cluster wise IDS configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS cluster configuration",
"type": "object"
}
IdsCustomSignature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "IdsSignature"
},
"id": "IdsCustomSignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Signature action.",
"required": false,
"title": "Represents the signature's action",
"type": "string"
},
"attack_target": {
"description": "Target of the signature.",
"required": false,
"title": "Signature attack target",
"type": "string"
},
"categories": {
"description": "Represents the internal categories a signature belongs to.",
"items": {
"$ref": "IdsSignatureInternalCategory"
},
"required": false,
"title": "IDS Signature Internal category",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"class_type": {
"description": "Class type of Signature.",
"required": false,
"title": "Signature class type",
"type": "string"
},
"confidence": {
"description": "Signature's confidence score.",
"title": "Confidence",
"type": "string"
},
"cves": {
"description": "CVE score",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the cve score.",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0",
"enum": [
"NONE",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"required": false,
"title": "CVSS of signature",
"type": "string"
},
"cvss_score": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature cvssv2 score.",
"required": false,
"title": "Signature cvssv2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature cvssv3 score.",
"required": false,
"title": "Signature cvssv3 score",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"description": "Flag which tells whether the signature is enabled or not.",
"required": false,
"title": "Activate/Deactivate flag",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"required": false,
"title": "Flow established.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact": {
"description": "Impact of Signature.",
"title": "Impact",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mitre_attack": {
"description": "Mitre Attack details of Signature.",
"items": {
"$ref": "MitreAttack"
},
"title": "MitreAttack",
"type": "array"
},
"name": {
"description": "Signature name.",
"required": false,
"title": "Represents the signature name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"original_signature": {
"description": "Represents the original signature provided by the user.",
"readonly": true,
"required": false,
"title": "Original Signature",
"type": "string"
},
"original_signature_id": {
"description": "Represents the original signature Id provided by the user.",
"readonly": true,
"required": false,
"title": "Original Signature Id",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"product_affected": {
"description": "Product affected by this signature.",
"required": false,
"title": "Signature product affected",
"type": "string"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"risk_score": {
"description": "Risk score of signature.",
"title": "Risk Score",
"type": "string"
},
"severity": {
"description": "Represents the severity of the Signature.",
"required": false,
"title": "Signature severity",
"type": "string"
},
"signature": {
"description": "Decoded Signature.",
"title": "Signature",
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"signature_revision": {
"description": "Represents revision of the Signature.",
"required": false,
"title": "Signature revision",
"type": "string"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold",
"description": "Default threshold values for IDS signature.",
"nsx_feature": "IdsThreshold",
"title": "IDS signature threshold values"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature",
"items": {
"type": "string"
},
"required": false,
"title": "List of mitre attack URLs pertaining to signature.",
"type": "array"
},
"validation_errors": {
"description": "Validation errors of Signature.",
"items": {
"$ref": "IdsValidationError"
},
"readonly": true,
"required": false,
"title": "IdsValidationError",
"type": "array"
},
"validation_message": {
"description": "Represents the warning/error message for the custom signature if any.",
"readonly": true,
"required": false,
"title": "Warning/Error message",
"type": "string"
},
"validation_notes": {
"description": "Validation notes for Signature.",
"items": {
"$ref": "ValidationNote"
},
"readonly": true,
"required": false,
"title": "ValidationNote",
"type": "array"
},
"validation_status": {
"description": "Validation status of the custom signature.",
"enum": [
"VALID",
"INVALID",
"PENDING",
"WARNING"
],
"readonly": true,
"required": false,
"title": "Validation status",
"type": "string"
}
},
"title": "IDS custom signature",
"type": "object"
}
IdsCustomSignatureActionParameter (type)
{
"additionalProperties": false,
"id": "IdsCustomSignatureActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"action": {
"description": "Different Actions on Custom signatures.",
"enum": [
"CANCEL",
"PUBLISH",
"VALIDATE"
],
"required": true,
"title": "Different Actions on Custom signatures",
"type": "string"
}
},
"title": "IDS custom signature action parameter",
"type": "object"
}
IdsCustomSignatureExportActionParameter (type)
{
"additionalProperties": false,
"id": "IdsCustomSignatureExportActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"include": {
"description": "Custom signatures to be exported.",
"enum": [
"VALID",
"INVALID",
"ALL"
],
"required": true,
"title": "Custom signatures to be exported",
"type": "string"
}
},
"title": "Action parameter to export custom signatures",
"type": "object"
}
IdsCustomSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsCustomSignatureListRequestParameters",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include": {
"description": "Custom signatures to be returned.",
"enum": [
"PREVIEW_CUSTOM_SIGNATURES",
"CUSTOM_SIGNATURES"
],
"title": "Custom signatures to be returned",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS custom signature request parameters",
"type": "object"
}
IdsCustomSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsCustomSignatureListResult",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp",
"description": "Time when the custom signature was published.",
"readonly": true,
"title": "IDS Custom Signature publish time"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsCustomSignature"
},
"required": true,
"title": "IDS custom signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS custom signatures",
"type": "object"
}
IdsCustomSignatureSettings (type)
{
"additionalProperties": false,
"description": "Represents the IDS Custom Signature settings.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsCustomSignatureSettings",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_custom_signatures": {
"default": false,
"description": "Flag to enable custom signatures globally.",
"required": false,
"title": "Custom signatures global enablement flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS Custom Signature settings\n",
"type": "object"
}
IdsCustomSignatureVersion (type)
{
"additionalProperties": false,
"extends": {
"$ref": "IdsSignatureVersion"
},
"id": "IdsCustomSignatureVersion",
"module_id": "PolicyIDSCustomSignature",
"policy_hierarchical_children": [
"ChildIdsCustomSignature",
"ChildIdsCustomSignatureSettings",
"ChildIdsCustomSignaturesDiff"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"description": "Flag which tells whether the Signature version is come via auto update mechanism. It can be via auto update periodic task or via update now mechanism.",
"nsx_feature": "IDPSFederation",
"readonly": true,
"title": "Auto update Signature bundle flag",
"type": "boolean"
},
"change_log": {
"description": "Represents the version's change log.",
"readonly": true,
"title": "Change log",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp",
"description": "Time when the custom signature was published.",
"readonly": true,
"title": "IDS Custom Signature publish time"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "Contains the path of sites that has been mapped with the Signature Version.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the Sites mapped with the Signature Version.",
"type": "array"
},
"state": {
"description": "This flag tells which Version is currently active. ACTIVE: It means the signatures under this version is currently been used under IDS Profiles. NOTACTIVE: It means signatures of this version are available but not being used in IDS Profiles.",
"enum": [
"ACTIVE",
"NOTACTIVE"
],
"readonly": true,
"title": "State of the Version",
"type": "string"
},
"status": {
"description": "This flag tells the status of the signatures under a custom signature version. VALIDATION_PENDING: Signatures are not yet validated. PUBLISH_PENDING: Signatures are validated but not yet published. PUBLISHED: Signatures are published.",
"enum": [
"VALIDATION_PENDING",
"PUBLISH_PENDING",
"PUBLISHED",
"IN_PROGRESS"
],
"readonly": true,
"title": "Status of the version",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_time": {
"$ref": "EpochMsTimestamp",
"description": "Time when this version was downloaded and saved.",
"readonly": true,
"title": "IDS Signature Version update time"
},
"user_uploaded": {
"description": "Flag which tells whether the Signature version is uploaded by user or not.",
"readonly": true,
"title": "User Uploaded Signature bundle flag",
"type": "boolean"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "IDS custom signature version",
"type": "object"
}
IdsCustomSignatureVersionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsCustomSignatureVersionListRequestParameters",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS custom signature version request parameters",
"type": "object"
}
IdsCustomSignatureVersionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsCustomSignatureVersionListResult",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsCustomSignatureVersion"
},
"required": true,
"title": "IDS custom signature version list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS custom signature versions",
"type": "object"
}
IdsCustomSignaturesDiff (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsCustomSignaturesDiff",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deleted_signatures": {
"description": "List of deleted custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Deleted signatures",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"existing_signatures": {
"description": "List of existing custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Existing signatures",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"newly_added_signatures": {
"description": "List of newly added custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Newly added signatures",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS custom signatures difference",
"type": "object"
}
IdsCustomSignaturesFileUpload (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NoRestRequestParameters"
},
"id": "IdsCustomSignaturesFileUpload",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"file": {
"description": "The File should be a valid zip file, containing only a signature file with extension .rules for example : signature.rules If the ZIP is created on MAC then please make sure that there will be no extra file/content added in the zip file, like .DS_Store, _MACOSX etc. To zip the signature file on MAC. One can use the below command. zip -r <name-of-zip-file> <signature-file> -x '**/.DS_Store'",
"required": true,
"title": "IDS custom signatures file",
"type": "multipart_file"
},
"version_name": {
"description": "IDS custom signature version name. If not provided custom signature version Id will be used as display name.",
"required": false,
"title": "IDS custom signature version name",
"type": "string"
}
},
"title": "File containing IDS custom signatures that needs to be uploaded",
"type": "object"
}
IdsEventFlowData (type)
{
"additionalProperties": false,
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, protocol, rule id, profile id, and the action.",
"id": "IdsEventFlowData",
"module_id": "IDSMetrics",
"properties": {
"action_type": {
"description": "The action pertaining to the detected intrusion. Possible values are ALERT, DROP, REJECT, and INVALID. ALERT - If there is a signature match on the packet, it is allowed to pass but a notification is sent to the user notifying an intrusion was detected. DROP - On a signature match, the packet is silently dropped. An alert is sent to the user that an intrusion was detected. REJECT - On a signature match, the packet is dropped and TCP RST or ICMP error messages (for non-TCP pkts) are sent to the endpoints. An alert is sent to the user that an intrusion was detected. INVALID - If the action doesn't belong to any of the above mentioned categories, it is marked as INVALID.",
"enum": [
"ALERT",
"DROP",
"REJECT",
"INVALID"
],
"readonly": true,
"required": false,
"title": "IDS Event action",
"type": "string"
},
"bytes_toclient": {
"description": "Bytes sent to client.",
"readonly": true,
"required": false,
"title": "Bytes to client",
"type": "integer"
},
"bytes_toserver": {
"description": "Bytes sent to server.",
"readonly": true,
"required": false,
"title": "Bytes to server",
"type": "integer"
},
"client_ip": {
"description": "IP address of the VM that initiated the communication.",
"readonly": true,
"required": false,
"title": "IP address of the client VM",
"type": "string"
},
"destination_ip": {
"description": "IP address of the destination VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the destination VM",
"type": "string"
},
"destination_port": {
"description": "Port on the destination VM where the traffic was sent to.",
"readonly": true,
"required": false,
"title": "Destination port",
"type": "integer"
},
"local_vm_ip": {
"description": "IP address of VM on the host where IDS engine is running.",
"readonly": true,
"required": false,
"title": "IP address of the local VM",
"type": "string"
},
"profile_id": {
"description": "The IDS profile id that is associated with the IDS rule pertaining to the intrusion event detected.",
"readonly": true,
"required": false,
"title": "IDS profile id",
"type": "string"
},
"protocol": {
"description": "Traffic protocol pertaining to the detected intrusion, could be TCP/UDP etc.",
"readonly": true,
"required": false,
"title": "Traffic protocol pertaining to the intrusion",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"source_ip": {
"description": "IP address of the source VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the source VM",
"type": "string"
},
"source_port": {
"description": "Source port through which traffic was initiated that caused the intrusion to be detected.",
"readonly": true,
"required": false,
"title": "Source port",
"type": "integer"
}
},
"title": "IDS event flow data",
"type": "object"
}
IdsFileUpload (type)
{
"additionalProperties": false,
"id": "IdsFileUpload",
"module_id": "PolicyIDS",
"properties": {
"file": {
"required": true,
"title": "IDS signatures file",
"type": "multipart_file"
}
},
"title": "File of IDS signatures that is uploaded",
"type": "object"
}
IdsGatewayPolicy (type)
{
"description": "Represents the Intrusion Detection System Gateway Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy"
},
"id": "IdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"policy_hierarchical_children": [
"ChildIdsRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule"
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsGatewayPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult"
},
"id": "IdsGatewayPolicyListResult",
"module_id": "PolicyIDSGateway",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsGatewayPolicy"
},
"required": true,
"title": "IDS Gateway policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS Gateway policies",
"type": "object"
}
IdsGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs"
},
"id": "IdsGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "IdsGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_idsevents_to_syslog_enabled": {
"default": false,
"description": "When this flag is set to true, IDS events would be sent to syslog.",
"title": "A flag to indicate if IDS events need to be sent to syslog",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType",
"required": true
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for Distributed Intrusion Services",
"type": "object"
}
IdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Represents IDS event publishing configuration for NSX-I and NDR.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsGlobalEventConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_data_topic_name": {
"default": "ids_data",
"required": false,
"title": "kafka topic into which to publish IDS events.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_ids_events": {
"default": false,
"description": "When this flag is set to true, IDS events will be sent to kafka, for consumption by components such as NSX-I and NDR.",
"required": false,
"title": "A flag to indicate if IDS events need to be sent to kafka",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System global event configuration\n",
"type": "object"
}
IdsPcapConfig (type)
{
"additionalProperties": false,
"description": "Pcap Configuration for IdsProfile.",
"id": "IdsPcapConfig",
"module_id": "PolicyIDS",
"properties": {
"pcap_byte_count": {
"default": 10000,
"description": "Determine how many bytes will be captured.",
"maximum": 65536,
"minimum": 1524,
"required": false,
"title": "IDPS Byte capture count.",
"type": "int"
},
"pcap_enabled": {
"default": false,
"description": "Flag which determines whether packet capturing is enabled or not.",
"required": false,
"title": "A flag to activate/deactivate pcap for IDPS Profile.",
"type": "boolean"
},
"pcap_packet_count": {
"default": 5,
"description": "Determine how many packets will be captured.",
"maximum": 15,
"minimum": 1,
"required": false,
"title": "IDPS Packet capture count.",
"type": "int"
}
},
"title": "IDPS Pcap configuration\n",
"type": "object"
}
IdsPcapExport (type)
{
"description": "Export the pcap file of all the mentioned pcap_ids.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsPcapExport",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_ids": {
"description": "List of all pcap ids for which the pcap file are requested by the user.",
"items": {
"type": "string"
},
"maxItems": 50,
"minItems": 1,
"required": true,
"title": "Pcap Ids.",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_ids": {
"description": "List of all signature ids which are part of the events whose pcap files is requested by the user.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Signature Ids.",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Export IDPS pcap file\n",
"type": "object"
}
IdsPcapFileMetadata (type)
{
"additionalProperties": false,
"description": "Represents pcap file as requested by the User.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsPcapFileMetadata",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"available_until": {
"description": "Time until which the file will be avilable for download.",
"readonly": true,
"title": "Available untill",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exported_on": {
"description": "Time when the file extraction started.",
"readonly": true,
"title": "Extracted Time",
"type": "string"
},
"failure_cause": {
"description": "If creation of zipped pcap file fails then this will tell the failure cause.",
"readonly": true,
"title": "Failure Cause",
"type": "string"
},
"file_name": {
"description": "Name of the Pcap File requested by the user.",
"required": false,
"title": "Pcap File Name.",
"type": "string"
},
"file_size": {
"description": "Tells the size of the zipped pcap file.",
"readonly": true,
"title": "File size",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_id": {
"description": "Node wher file extraction is triggered.",
"readonly": true,
"title": "Node Id",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_ids": {
"description": "List of all pcap ids which are requested by the user as part of this File.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Pcap Ids.",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_ids": {
"description": "List of all signature ids which are part of the events whose pcap files is selected by the user as part of this File.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Signature Ids.",
"type": "array"
},
"status": {
"description": "READY means zipped pcap file is succesfully created and ready to download. IN_PROGRESS means creation of zipped pcap file is in progress. FAILED means some error occurred during creation of zipped pcap file. INCOMPLETE means zipped pcap file doea not have all the specified pcaps.",
"enum": [
"READY",
"IN_PROGRESS",
"FAILED",
"INCOMPLETE"
],
"readonly": true,
"title": "IDS zipped pcap file status",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDPS pcap file\n",
"type": "object"
}
IdsPcapFileMetadataListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsPcapFileMetadataListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of PCAPs needs to be fetched.",
"nsx_feature": "IDPSFederation",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS Pcap File request parameters",
"type": "object"
}
IdsPcapFileMetadataListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsPcapFileMetadataListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsPcapFileMetadata"
},
"required": true,
"title": "IDS Pcap File list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS Pcap File",
"type": "object"
}
IdsPcapFileRequestParameters (type)
{
"additionalProperties": false,
"id": "IdsPcapFileRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"enforcement_point_path": {
"description": "The path of the enforcement point from which the PCAPs needs to be exported, downloaded or deleted.",
"nsx_feature": "IDPSFederation",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "IDS Pcap File request parameters",
"type": "object"
}
IdsPolicy (type)
{
"description": "Represents the Intrusion Detection System Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "Policy"
},
"id": "IdsPolicy",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule"
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsProfile (type)
{
"additionalProperties": false,
"description": "IDS Profile which contains the signatures and will be used in IDS rules.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsProfile",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"criteria": {
"description": "Represents the filtering criteria for the IDS Profile. 1. A non-empty criteria list, must be of odd size. In a list, with indices starting from 0, all IdsProfileFilterCriteria must be at even indices, separated by the IdsProfileConjunctionOperator AND at odd indices. 2. There may be at most 7 IdsProfileCriteria objects inside a list.",
"items": {
"$ref": "IdsProfileCriteria"
},
"maxItems": 7,
"required": false,
"title": "Filtering criteria of IDS Profile",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_custom_signatures": {
"description": "Represents the flag to enable/disable the inclusion of custom signatures in the profile.",
"nsx_feature": "IDSCustomSignatures",
"title": "Include Custom Signatures flag",
"type": "boolean"
},
"include_system_signatures": {
"description": "Represents the flag to enable/disable the inclusion of system signatures in the profile. By default this flag will be true.",
"nsx_feature": "IDSCustomSignatures",
"title": "Include System Signatures flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"overridden_signatures": {
"description": "Represents the signatures that has been overridden for this Profile.",
"items": {
"$ref": "IdsProfileLocalSignature"
},
"required": false,
"title": "Represents the signatures that is overridden for the Profile",
"type": "array"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_config": {
"$ref": "IdsPcapConfig",
"description": "Tells about the Pcap configuration for a IDS Profile. Only supported on Local Manager.",
"required": false,
"title": "Represents pcap configuration"
},
"profile_severity": {
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "ProfileSeverity"
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severities": {
"deprecated": true,
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "IdsProfileSeverity"
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile",
"type": "object"
}
IdsProfileConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operator AND.",
"extends": {
"$ref": "IdsProfileCriteria"
},
"id": "IdsProfileConjunctionOperator",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileConjunctionOperator"
},
"properties": {
"operator": {
"enum": [
"AND"
],
"required": true,
"title": "IDS Profile Filter Condition",
"type": "string"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Represents the operator AND",
"type": "object"
}
IdsProfileCriteria (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the filtering criteria objects extend from this abstract class. This is present for extensibility.",
"id": "IdsProfileCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Base class for IDS Profile criteria",
"type": "object"
}
IdsProfileFilterCriteria (type)
{
"additionalProperties": false,
"description": "Represents the filtering criteria of a IDS Profile.",
"extends": {
"$ref": "IdsProfileCriteria"
},
"id": "IdsProfileFilterCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileFilterCriteria"
},
"properties": {
"filter_name": {
"description": "Represents the filter for IDS Profile.",
"enum": [
"CVSS",
"ATTACK_TARGET",
"ATTACK_TYPE",
"PRODUCT_AFFECTED"
],
"required": true,
"title": "Represents the filter name",
"type": "string"
},
"filter_value": {
"description": "Represents the value of selected filter name. Note : The supported values for filter name CVSS are NONE, LOW, MEDIUM, HIGH, CRITICAL. NONE means CVSS score as 0.0 LOW means CVSS score as 0.1-3.9 MEDIUM means CVSS score as 4.0-6.9 HIGH means CVSS score as 7.0-8.9 CRITICAL means CVSS score as 9.0-10.0",
"items": {
"type": "string"
},
"required": true,
"title": "Represents the value of selected filter name",
"type": "array"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "IDS Profile filter criteria",
"type": "object"
}
IdsProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsProfileListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS profile request parameters",
"type": "object"
}
IdsProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsProfileListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsProfile"
},
"required": true,
"title": "IDS profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS profiles",
"type": "object"
}
IdsProfileLocalSignature (type)
{
"additionalProperties": false,
"description": "IDS Profile local signature.",
"extends": {
"$ref": "GlobalIdsSignature"
},
"id": "IdsProfileLocalSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Activate/Deactivate a Signature at Global Level.",
"title": "Flag to Activate/Deactivate a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_custom_signature": {
"description": "It represents whether the overridden signature is custom or system signature.",
"nsx_feature": "IDSCustomSignatures",
"readonly": true,
"title": "Flag to determine custom signature",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS Profile local signature",
"type": "object"
}
IdsProfileSeverity (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Profile severity.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsProfileSeverity",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_signatures": {
"description": "Contains the id of signatures that will be ignored as part of the profile. This field is deprecated, please use ignore_signatures field under IdsProfile to ignore the signatures.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the signatures that will be ignored",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severity": {
"description": "Represents the severity of a profile.",
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"SUSPICIOUS",
"NONE"
],
"required": true,
"title": "Severity of profile",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile severity",
"type": "object"
}
IdsProfileSignatures (type)
{
"additionalProperties": false,
"description": "An entity that holds the list of IDS signatures attached to an IDS Profile depending upon the Profile's criteria. These are the Signatures which needs to be detected.",
"id": "IdsProfileSignatures",
"module_id": "PolicyIDS",
"properties": {
"profile_path": {
"description": "Represents the Path of the IDS Profile.",
"title": "IDS Profile path",
"type": "string"
},
"signatures": {
"description": "List of IDS signature ids which need to be detected.",
"items": {
"type": "string"
},
"maxItems": 30000,
"minItems": 1,
"title": "IDS Signatures",
"type": "array"
}
},
"title": "IDS Profile Signatures",
"type": "object"
}
IdsRawSignatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsRawSignatures",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signatures": {
"description": "The list of raw signatures that user wants to add.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "IDS raw signatures",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version_name": {
"description": "IDS custom signature version name. If provided custom signature version displayName will be updated accordingly.",
"required": false,
"title": "IDS custom signature version name",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
IdsRealizationRequestParameters (type)
{
"additionalProperties": false,
"id": "IdsRealizationRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"enforcement_point_path": {
"description": "The path of the enforcement point.",
"nsx_feature": "IDPSFederation",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "IDS pass through APIs request parameters",
"type": "object"
}
IdsRule (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System rule which indicates the action to be performed for the corresponding workload groups.",
"extends": {
"$ref": "BaseRule"
},
"id": "IdsRule",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied.",
"enum": [
"DETECT",
"DETECT_PREVENT"
],
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_profiles": {
"description": "collections of IDS or Anti-Malware profiles. At Max 1 each Profile will be supported.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 1,
"required": false,
"title": "IDS profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"MalwarePreventionProfile"
]
}
]
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"oversubscription": {
"$ref": "Oversubscription",
"default": "INHERIT_GLOBAL",
"description": "Following are the choices for oversubscription configuration at the rule-level. INHERIT_GLOBAL: Inherit the behavior from the global settings BYPASSED: Oversubscribed packets would be bypassed from the IDPS Engine DROPPED: Oversubscribed packets would be dropped",
"title": "Rule-level selection for oversubscription behavior"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group",
"Segment"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry"
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the IDS security policy rule between the workload groups",
"type": "object"
}
IdsRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsRuleListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS rule request parameters",
"type": "object"
}
IdsRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult"
},
"id": "IdsRuleListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsRule"
},
"required": true,
"title": "IDS rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS rules",
"type": "object"
}
IdsRuleStatistics (type)
{
"additionalProperties": false,
"description": "IDS Rule Statistics.",
"extends": {
"$ref": "RuleStatistics"
},
"id": "IdsRuleStatistics",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"internal_rule_id": {
"description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.",
"readonly": true,
"required": false,
"title": "NSX internal rule id",
"type": "string"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Edge FW.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum Sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of rule",
"type": "integer"
},
"rule": {
"description": "Path of the rule.",
"readonly": true,
"required": false,
"title": "Rule path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"segment_path": {
"description": "Path of the Segment on which the section is applied in case of Bridge Firewall.",
"readonly": true,
"required": false,
"title": "Segment path",
"type": "string"
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total Sessions count",
"type": "integer"
}
},
"title": "IDS Rule Statistics",
"type": "object"
}
IdsRuleStatisticsForEnforcementPoint (type)
{
"description": "IDS Rule statistics for a specfic enforcement point.",
"id": "IdsRuleStatisticsForEnforcementPoint",
"module_id": "PolicyIDSStats",
"properties": {
"enforcement_point": {
"description": "IDS Rule statistics for a single enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"statistics": {
"$ref": "IdsRuleStatistics",
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "IDS Rule Statistics"
}
},
"title": "IDS Rule statistics for an enforcement point",
"type": "object"
}
IdsRuleStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsRuleStatisticsListResult",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsRuleStatisticsForEnforcementPoint"
},
"required": true,
"title": "IdsRuleStatistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IDS rule statistics",
"type": "object"
}
IdsSecurityPolicy (type)
{
"description": "Represents the Intrusion Detection System Security Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy"
},
"id": "IdsSecurityPolicy",
"module_id": "PolicyIDS",
"policy_hierarchical_children": [
"ChildIdsRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp",
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule"
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsSecurityPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsSecurityPolicyListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_rule_count": {
"default": false,
"description": "If true, populate the rule_count field with the count of rules in the particular policy. By default, rule_count will not be populated.",
"required": false,
"title": "Include the count of rules in policy",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS security policy request parameters",
"type": "object"
}
IdsSecurityPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult"
},
"id": "IdsSecurityPolicyListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSecurityPolicy"
},
"required": true,
"title": "IDS security policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS security policies",
"type": "object"
}
IdsSecurityPolicyStatistics (type)
{
"additionalProperties": false,
"description": "IDS RSecurity Policy Statistics.",
"extends": {
"$ref": "SecurityPolicyStatistics"
},
"id": "IdsSecurityPolicyStatistics",
"module_id": "PolicyIDSStats",
"properties": {
"internal_section_id": {
"description": "Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created.",
"readonly": true,
"required": false,
"title": "NSX internal section id",
"type": "string"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Gateway Firewall.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string"
},
"result_count": {
"description": "Total count for rule statistics",
"readonly": true,
"required": true,
"title": "Rule stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics.",
"items": {
"$ref": "RuleStatistics"
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Statistics for all rules",
"type": "array"
},
"segment_path": {
"description": "Path of the Segment on which the section is applied in case of Bridge Firewall.",
"readonly": true,
"required": false,
"title": "Segment path",
"type": "string"
}
},
"title": "IDS Security Policy Statistics",
"type": "object"
}
IdsSecurityPolicyStatisticsForEnforcementPoint (type)
{
"description": "Aggregate statistics of all the IDS rules in a security policy for a specific enforcement point.",
"id": "IdsSecurityPolicyStatisticsForEnforcementPoint",
"module_id": "PolicyIDSStats",
"properties": {
"enforcement_point": {
"description": "Enforcement point to fetch the statistics from.",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "IdsSecurityPolicyStatistics",
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "IDS Security Policy Statistics"
}
},
"title": "IDS Security policy statistics for an enforcement point",
"type": "object"
}
IdsSecurityPolicyStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsSecurityPolicyStatisticsListResult",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSecurityPolicyStatisticsForEnforcementPoint"
},
"required": true,
"title": "IDS Security Policy statistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IDS Security Policy statistics",
"type": "object"
}
IdsSettings (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System settings.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsSettings",
"module_id": "PolicyIDS",
"policy_hierarchical_children": [
"ChildGlobalIdsSignature",
"ChildIdsClusterConfig",
"ChildIdsCustomSignatureVersion",
"ChildIdsProfile",
"ChildIdsSignatureVersion",
"ChildIdsSiteVersionMapping",
"ChildIdsStandaloneHostConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"default": false,
"description": "Parameter to let the user decide whether to update the IDS Signatures automatically or not.",
"required": false,
"title": "Auto update signatures flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_events_to_syslog": {
"default": false,
"description": "Flag to send IDS events to syslog server.",
"required": false,
"title": "Flag to send IDS events to syslog server.",
"type": "boolean"
},
"ids_ever_enabled": {
"description": "Flag which tells whether IDS was ever enabled.",
"readonly": true,
"required": false,
"title": "Flag which tells whether IDS was ever enabled.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"oversubscription": {
"$ref": "Oversubscription",
"default": "BYPASSED",
"description": "Following are the choices for oversubscription configuration at the global level. BYPASSED: Oversubscribed packets would be bypassed from the IDPS Engine DROPPED: Oversubscribed packets would be dropped",
"required": false,
"title": "Global toggle for whether the IDS oversubscribed packets need to be bypassed or dropped"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System settings\n",
"type": "object"
}
IdsSignature (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Signature .",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsSignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Signature action.",
"required": false,
"title": "Represents the signature's action",
"type": "string"
},
"attack_target": {
"description": "Target of the signature.",
"required": false,
"title": "Signature attack target",
"type": "string"
},
"categories": {
"description": "Represents the internal categories a signature belongs to.",
"items": {
"$ref": "IdsSignatureInternalCategory"
},
"required": false,
"title": "IDS Signature Internal category",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"class_type": {
"description": "Class type of Signature.",
"required": false,
"title": "Signature class type",
"type": "string"
},
"confidence": {
"description": "Signature's confidence score.",
"title": "Confidence",
"type": "string"
},
"cves": {
"description": "CVE score",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the cve score.",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0",
"enum": [
"NONE",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"required": false,
"title": "CVSS of signature",
"type": "string"
},
"cvss_score": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature cvssv2 score.",
"required": false,
"title": "Signature cvssv2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature cvssv3 score.",
"required": false,
"title": "Signature cvssv3 score",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"description": "Flag which tells whether the signature is enabled or not.",
"required": false,
"title": "Activate/Deactivate flag",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"required": false,
"title": "Flow established.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact": {
"description": "Impact of Signature.",
"title": "Impact",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mitre_attack": {
"description": "Mitre Attack details of Signature.",
"items": {
"$ref": "MitreAttack"
},
"title": "MitreAttack",
"type": "array"
},
"name": {
"description": "Signature name.",
"required": false,
"title": "Represents the signature name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"product_affected": {
"description": "Product affected by this signature.",
"required": false,
"title": "Signature product affected",
"type": "string"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"risk_score": {
"description": "Risk score of signature.",
"title": "Risk Score",
"type": "string"
},
"severity": {
"description": "Represents the severity of the Signature.",
"required": false,
"title": "Signature severity",
"type": "string"
},
"signature": {
"description": "Decoded Signature.",
"title": "Signature",
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"signature_revision": {
"description": "Represents revision of the Signature.",
"required": false,
"title": "Signature revision",
"type": "string"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold",
"description": "Default threshold values for IDS signature.",
"nsx_feature": "IdsThreshold",
"title": "IDS signature threshold values"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature",
"items": {
"type": "string"
},
"required": false,
"title": "List of mitre attack URLs pertaining to signature.",
"type": "array"
}
},
"title": "Intrusion Detection System Signature",
"type": "object"
}
IdsSignatureInternalCategory (type)
{
"additionalProperties": false,
"description": "Represents the internal categories. APPLICATION : IDS signature having protocol comes under APPLICATION internal category. MALWARE: IDS signature having malware_family comes under this internal category. VULNERABILITY : IDS signature having cvssv3 score comes under this internal category.",
"enum": [
"APPLICATION",
"MALWARE",
"VULNERABILITY"
],
"id": "IdsSignatureInternalCategory",
"module_id": "PolicyIDSMetrics",
"title": "IDS signature internal categories",
"type": "string"
}
IdsSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsSignatureListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS signature request parameters",
"type": "object"
}
IdsSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsSignatureListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSignature"
},
"required": true,
"title": "IDS signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS signatures",
"type": "object"
}
IdsSignatureRateFilter (type)
{
"additionalProperties": false,
"description": "Rate filter for IDS signature can be used to change signature action when thresholds are met.",
"id": "IdsSignatureRateFilter",
"module_id": "PolicyIDSMetrics",
"nsx_feature": "IdsThreshold",
"properties": {
"count": {
"description": "Number of signature hits before rate filter is activated.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Rate filter threshold count",
"type": "integer"
},
"new_action": {
"default": "DROP",
"description": "Indicates the new action to be applied when rate filter is activated for the signature. DROP - Traffic will be dropped when rate filter is activated.",
"enum": [
"DROP"
],
"required": false,
"title": "New action for rate filter",
"type": "string"
},
"time_period": {
"description": "Time period (in seconds) during which signature must be hit 'count' number of times in order to activate rate filter.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Rate filter time period in seconds",
"type": "integer"
},
"timeout": {
"description": "Time period (in seconds) during which rate filter will remain active once activated.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Rate filter activation timeout in seconds",
"type": "integer"
}
},
"title": "IDS signature rate filter",
"type": "object"
}
IdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Ids signature status.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsSignatureStatus",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"download_status": {
"description": "READY means signatures were downloaded and parsed successfully. PENDING means that signatures download is in progress. ERROR means error occurred during signature processing. DISABLED means IDS is deactivated.",
"enum": [
"READY",
"PENDING",
"ERROR",
"DISABLED"
],
"readonly": true,
"title": "IDS signature download status",
"type": "string"
},
"failure_cause": {
"description": "If signature download fails then this will tell the failure cause.",
"readonly": true,
"title": "Failure Cause",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_status": {
"description": "AVAILABLE means the signatures are available for the version. UNAVAILABLE means there are no available signatures for the version.",
"enum": [
"AVAILABLE",
"UNAVAILABLE"
],
"readonly": true,
"title": "IDS signature status",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "Intrusion Detection System signature status",
"type": "object"
}
IdsSignatureStatusRequestParameters (type)
{
"additionalProperties": false,
"id": "IdsSignatureStatusRequestParameters",
"module_id": "PolicyIDS",
"nsx_feature": "IDPSFederation",
"properties": {
"enforcement_point_path": {
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "IDS Download Status request parameters",
"type": "object"
}
IdsSignatureThreshold (type)
{
"additionalProperties": false,
"description": "Threshold values for IDS signature can be used to control IDS event generation frequency.",
"id": "IdsSignatureThreshold",
"module_id": "PolicyIDSMetrics",
"properties": {
"count": {
"description": "Number of signature hits for threshold.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Threshold count",
"type": "integer"
},
"threshold_type": {
"description": "THRESHOLD - An IDS event is generated if signature is hit at least 'count' times within specified time period. LIMIT - At most 'count' number of IDS events are generated for this signature within specified time period. BOTH - A single IDS event is generated if signature is hit at least 'count' times within specified time period.",
"enum": [
"THRESHOLD",
"LIMIT",
"BOTH"
],
"required": true,
"title": "Threshold type",
"type": "string"
},
"time_period": {
"description": "Time period (in seconds) for signature threshold.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Time period (in seconds) for threshold",
"type": "integer"
},
"track_by": {
"description": "This property is read-only and shows existing track by value from the signature. SOURCE - Track signature matches for threshold by source. DESTINATION - Track signature matches for threshold by destination.",
"enum": [
"SOURCE",
"DESTINATION"
],
"readonly": true,
"title": "Signature threshold tracking type",
"type": "string"
}
},
"title": "IDS signature threshold values",
"type": "object"
}
IdsSignatureVersion (type)
{
"additionalProperties": false,
"description": "It represents the version information corresponding to which the signatures will be available.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsSignatureVersion",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"description": "Flag which tells whether the Signature version is come via auto update mechanism. It can be via auto update periodic task or via update now mechanism.",
"nsx_feature": "IDPSFederation",
"readonly": true,
"title": "Auto update Signature bundle flag",
"type": "boolean"
},
"change_log": {
"description": "Represents the version's change log.",
"readonly": true,
"title": "Change log",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "Contains the path of sites that has been mapped with the Signature Version.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the Sites mapped with the Signature Version.",
"type": "array"
},
"state": {
"description": "This flag tells which Version is currently active. ACTIVE: It means the signatures under this version is currently been used under IDS Profiles. NOTACTIVE: It means signatures of this version are available but not being used in IDS Profiles.",
"enum": [
"ACTIVE",
"NOTACTIVE"
],
"readonly": true,
"title": "State of the Version",
"type": "string"
},
"status": {
"description": "This flag tells the status of the signatures under a version. OUTDATED: It means the signatures under this version are outdated and new version is available. LATEST: It means the signatures of this version are up to date.",
"enum": [
"OUTDATED",
"LATEST"
],
"readonly": true,
"title": "Status of the Version",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_time": {
"$ref": "EpochMsTimestamp",
"description": "Time when this version was downloaded and saved.",
"readonly": true,
"title": "IDS Signature Version update time"
},
"user_uploaded": {
"description": "Flag which tells whether the Signature version is uploaded by user or not.",
"readonly": true,
"title": "User Uploaded Signature bundle flag",
"type": "boolean"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "Intrusion Detection System signature version",
"type": "object"
}
IdsSignatureVersionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsSignatureVersionListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS signature version request parameters",
"type": "object"
}
IdsSignatureVersionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsSignatureVersionListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSignatureVersion"
},
"required": true,
"title": "IDS signature version list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS signature versions",
"type": "object"
}
IdsSiteSettings (type)
{
"additionalProperties": false,
"description": "IDS configuration to map a version to a site. When this object is included in the IdsSiteVersionMapping, all the properties in this object need to be provided.",
"id": "IdsSiteSettings",
"module_id": "IDSSiteVersionMapping",
"properties": {
"ids_events_to_syslog": {
"default": "DEFAULT_TO_LM",
"description": "If true, send the IDS events to the syslog server on the provided site.",
"enum": [
"TRUE",
"FALSE",
"DEFAULT_TO_LM"
],
"readonly": false,
"required": true,
"title": "Flag to send IDS events to syslog server.",
"type": "string"
},
"oversubscription": {
"$ref": "Oversubscription",
"default": "DEFAULT_TO_LM",
"description": "For the provided site, define if the oversubscribed packets need to be bypassed or dropped. Following are the choices for oversubscription configuration at the global level. BYPASSED: Oversubscribed packets would be bypassed from the IDPS Engine DROPPED: Oversubscribed packets would be dropped DEFAULT_TO_LM: This value is only applicable on the global manager in a federated environment. If this value is provided, the local manager's value is honored for oversubscription.",
"required": true,
"title": "Toggle for whether the IDS oversubscribed packets need to be bypassed or dropped"
}
},
"title": "IDS version site mapping",
"type": "object"
}
IdsSiteVersionMapping (type)
{
"additionalProperties": false,
"description": "IDS configuration to map a version to a site. Configuring an IdsSiteVersionMapping for a site pushes the IDPS configuration from global manager to the site. This includes Profiles, GlobalIdsSignatures, Policies and Rule (both gateway and distributed). This does not include Threshold and Rate limiting configuration. The threshold and Rate limiting configuration needs to be managed from the site even after the mapping is created for a site. After mapping, in case of custom signatures, everything is still configurable from the site, except the GlobalIdsSignatures (signature overrides). The GlobalIdsSignatures are controlled by the global manager for system signatures.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsSiteVersionMapping",
"module_id": "IDSSiteVersionMapping",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"effective_signature_version_path": {
"description": "This readonly field provides which version is associated with the provided site. This flag is useful when the auto_update flag is true.",
"readonly": true,
"required": false,
"title": "Effective signature version for the site",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_version_path": {
"description": "Associate the provided site to this signature version. To associate the provided site with the auto updated version on the GM, set this field to \"AUTO_UPDATE\".",
"readonly": false,
"required": true,
"title": "Signature version path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IdsSiteVersionMapping"
],
"relationshipType": "IDS_SITE_VERSION_MAPPING_SIGNATURE_VERSION_RELATIONSHIP",
"rightType": [
"IdsSignatureVersion"
]
}
]
},
"site_path": {
"description": "Associate the provided signature version to this site.",
"readonly": false,
"required": true,
"title": "Site path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IdsSiteVersionMapping"
],
"relationshipType": "IDS_SITE_VERSION_MAPPING_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"site_settings": {
"$ref": "IdsSiteSettings",
"description": "This field holds the site specific settings such as syslog and oversubscription. If this field is not provided, LM setting take effect.",
"required": false,
"title": "Site specific settings"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS version site mapping",
"type": "object"
}
IdsSiteVersionMappingListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsSiteVersionMappingListRequestParameters",
"module_id": "IDSSiteVersionMapping",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS version site mapping request parameters",
"type": "object"
}
IdsSiteVersionMappingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsSiteVersionMappingListResult",
"module_id": "IDSSiteVersionMapping",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSiteVersionMapping"
},
"required": true,
"title": "IDS version site mapping list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS version site mapping",
"type": "object"
}
IdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to activate/deactivate IDS on standalone host level.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on standalone hosts.",
"readonly": false,
"required": true,
"title": "IDS enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System configuration",
"type": "object"
}
IdsThresholdConfig (type)
{
"additionalProperties": false,
"description": "Threshold configuration for IDS signature.",
"extends": {
"$ref": "PolicyConfigResource"
},
"id": "IdsThresholdConfig",
"module_id": "PolicyIDSMetrics",
"nsx_feature": "IdsThreshold",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"rate_filter": {
"$ref": "IdsSignatureRateFilter",
"description": "Rate filter for IDS signature can be used to change signature action when threshold is met.",
"required": false,
"title": "IDS signature rate filter"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold",
"description": "Threshold values for IDS signature can be used to control IDS event generation frequency.",
"required": false,
"title": "IDS signature threshold values"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS signature threshold configuration",
"type": "object"
}
IdsThresholdConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IdsThresholdConfigListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Ids Threshold Config request parameters",
"type": "object"
}
IdsThresholdConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult"
},
"id": "IdsThresholdConfigListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsThresholdConfig"
},
"required": true,
"title": "Ids Threshold Config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IdsThresholdConfig",
"type": "object"
}
IdsUserList (type)
{
"additionalProperties": false,
"description": "List of all affected users pertaining to a specific signature.",
"extends": {
"$ref": "ListResult"
},
"id": "IdsUserList",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected users specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected users",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected Users",
"type": "object"
}
IdsUserStats (type)
{
"additionalProperties": false,
"description": "List of Users logged into VMs where intrusions of a given signature were detected.",
"id": "IdsUserStats",
"module_id": "IDSMetrics",
"properties": {
"count": {
"description": "Number of unique users logged into VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique users",
"type": "integer"
},
"user_list": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of users",
"type": "array"
}
},
"title": "List of Users",
"type": "object"
}
IdsValidationError (type)
{
"additionalProperties": false,
"description": "Contain Validation Error messages for the fields",
"id": "IdsValidationError",
"module_id": "PolicyIDSMetrics",
"properties": {
"field": {
"description": "Represents the field or property of signature.",
"title": "Field",
"type": "string"
},
"message": {
"description": "Represents the validation message.",
"title": "Message",
"type": "string"
}
},
"title": "Validation Error",
"type": "object"
}
IdsVmList (type)
{
"additionalProperties": false,
"description": "List of all affected VMs pertaining to a specific signature.",
"extends": {
"$ref": "ListResult"
},
"id": "IdsVmList",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected VMs specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected VMs",
"type": "object"
}
IdsVmStats (type)
{
"additionalProperties": false,
"description": "List of VMs on which a particular signature was detected with the count.",
"id": "IdsVmStats",
"module_id": "IDSMetrics",
"properties": {
"count": {
"description": "Number of unique VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique VMs",
"type": "integer"
},
"vm_list": {
"description": "List of VM names on which intrusions of that particular signature type were detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of VM names",
"type": "array"
}
},
"title": "List of VMs where signature was detected",
"type": "object"
}
IfaceFlowInfo (type)
{
"additionalProperties": false,
"id": "IfaceFlowInfo",
"properties": {
"entity": {
"description": "Logical entity",
"readonly": true,
"title": "Logical entity",
"type": "string"
},
"flows": {
"description": "Flows",
"items": {
"type": "string"
},
"readonly": true,
"title": "Flows",
"type": "array"
},
"name": {
"description": "Logical entity name",
"readonly": true,
"title": "Logical entity name",
"type": "string"
},
"uuid": {
"description": "Logical entity UUID",
"readonly": true,
"title": "Logical entity UUID",
"type": "string"
}
},
"type": "object"
}
IgmpMembership (type)
{
"additionalProperties": false,
"description": "IGMP (Internet Group Management Protocol) membership details.",
"id": "IgmpMembership",
"module_id": "AggSvcLogicalRouter",
"properties": {
"group": {
"$ref": "IPAddress",
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"igmp_version": {
"description": "IGMP version.",
"readonly": true,
"required": true,
"title": "IGMP version",
"type": "integer"
},
"interface": {
"description": "Interface on which multicast group membership is learned.",
"readonly": true,
"required": true,
"title": "Interface name",
"type": "string"
},
"no_of_sources": {
"description": "Number of multicast sources.",
"readonly": true,
"required": true,
"title": "Number of multicast sources",
"type": "string"
},
"source_address": {
"$ref": "IPAddress",
"description": "IP address of multicast source.",
"readonly": true,
"required": true,
"title": "IP address multicast source"
},
"uptime": {
"description": "Multicast group membership active time.",
"readonly": true,
"required": true,
"title": "Group membership active time",
"type": "string"
}
},
"title": "IGMP membership details",
"type": "object"
}
IgmpMembershipCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord"
},
"id": "IgmpMembershipCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"group": {
"$ref": "IPAddress",
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"igmp_version": {
"description": "IGMP version.",
"readonly": true,
"required": true,
"title": "IGMP version",
"type": "integer"
},
"interface": {
"description": "Interface on which multicast group membership is learned.",
"readonly": true,
"required": true,
"title": "Interface name",
"type": "string"
},
"no_of_sources": {
"description": "Number of multicast sources.",
"readonly": true,
"required": true,
"title": "Number of multicast sources",
"type": "string"
},
"source_address": {
"$ref": "IPAddress",
"description": "IP address of multicast source.",
"readonly": true,
"required": true,
"title": "IP address multicast source"
},
"transport_node": {
"description": "Transport node uuid or policy path.",
"readonly": true,
"required": true,
"title": "Transport node uuid or policy path",
"type": "string"
},
"uptime": {
"description": "Multicast group membership active time.",
"readonly": true,
"required": true,
"title": "Group membership active time",
"type": "string"
}
},
"type": "object"
}
IgmpMemberships (type)
{
"additionalProperties": false,
"description": "IGMP Memberships.",
"extends": {
"$ref": "ListResult"
},
"id": "IgmpMemberships",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 or Tier1 gateway.",
"required": true,
"title": "Policy path to Tier0 or Tier1 gateway",
"type": "string"
},
"igmp_memberships_per_edge": {
"items": {
"$ref": "IgmpMembershipsPerEdge"
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IGMP Memberships",
"type": "object"
}
IgmpMembershipsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult"
},
"id": "IgmpMembershipsInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "IgmpMembershipCsvRecord"
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
IgmpMembershipsPerEdge (type)
{
"additionalProperties": false,
"description": "IGMP Memberships Per Edge.",
"extends": {
"$ref": "ListResult"
},
"id": "IgmpMembershipsPerEdge",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"igmp_memberships": {
"items": {
"$ref": "IgmpMembership"
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IGMP Memberships Per Edge",
"type": "object"
}
IkeDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IkeDigestAlgorithms are used to verify message integrity during Ike negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IkeDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
IkeEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "IkeEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
ImportErrorMessage (type)
{
"additional_properties": false,
"description": "Error message during import of network policy",
"id": "ImportErrorMessage",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"errors": {
"description": "Contains a list of errors against all network policy rules and fields failed during import.",
"items": {
"$ref": "ImportErrorMessageDetail"
},
"title": "List of errors, if any",
"type": "array"
},
"network_policy_id": {
"description": "K8s Network Policy ID. If it's not set, the error_message is related to the overall import operation but not to specific K8s Network Policy.",
"required": false,
"title": "K8s network policy identifier.",
"type": "string"
}
},
"title": "Error Message during import of network policy",
"type": "object"
}
ImportErrorMessageDetail (type)
{
"additional_properties": false,
"description": "Detailed Error message during import of network policy rule or field.",
"id": "ImportErrorMessageDetail",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"error_code": {
"title": "Error Code",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error message",
"type": "string"
}
},
"title": "Detailed Error Message of a K8s NetworkPolicy Rule or Field",
"type": "object"
}
ImportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke the import task.",
"extends": {
"$ref": "NoRestRequestParameters"
},
"id": "ImportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_description": {
"description": "Description to be set on the draft, which will hold the imported configuration.",
"required": false,
"title": "Description to be set on the draft",
"type": "string"
},
"draft_display_name": {
"description": "Display name to be set on the draft, which will hold the imported configuration.",
"minLength": 1,
"required": true,
"title": "Display name to be set on the draft",
"type": "string"
},
"file": {
"description": "The file having stored firewall configuration. Only zip file will be accepted.",
"required": true,
"title": "File to be imported",
"type": "multipart_file"
},
"passphrase": {
"description": "Passphrase to verify imported files. Passphrase needs to be same as provided earlier to export operation which generated these imported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"required": true,
"sensitive": true,
"title": "Passphrase to verify imported files",
"type": "secure_string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Import task request parameters",
"type": "object"
}
ImportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the import task.",
"extends": {
"$ref": "PolicyTask"
},
"id": "ImportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft in which the imported configuration gets stored after completion of import task.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp",
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp",
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus",
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Import task information",
"type": "object"
}
IncludedFieldsParameters (type)
{
"additionalProperties": false,
"id": "IncludedFieldsParameters",
"module_id": "Common",
"properties": {
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
}
},
"title": "A list of fields to include in query results",
"type": "object"
}
Infra (type)
{
"additionalProperties": false,
"description": "Infra space related policy.",
"extends": {
"$ref": "AbstractSpace"
},
"id": "Infra",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildBfdProfile",
"ChildCaBundle",
"ChildConstraint",
"ChildConstraintGlobalConfig",
"ChildDeploymentZone",
"ChildDhcpRelayConfig",
"ChildDhcpServerConfig",
"ChildDistributedVlanConnection",
"ChildDnsSecurityProfile",
"ChildDomain",
"ChildEnforcementPoint",
"ChildEvpnTenantConfig",
"ChildFloodProtectionProfile",
"ChildFullSyncState",
"ChildGatewayConnection",
"ChildGatewayQosProfile",
"ChildGlobalConfig",
"ChildGlobalManager",
"ChildGlobalManagerConfig",
"ChildIPDiscoveryProfile",
"ChildIPFIXDFWCollectorProfile",
"ChildIPFIXDFWProfile",
"ChildIPFIXL2CollectorProfile",
"ChildIPFIXL2Profile",
"ChildIPReputationSiteMapping",
"ChildIPSecVpnDpdProfile",
"ChildIPSecVpnIkeProfile",
"ChildIPSecVpnTunnelProfile",
"ChildIdentityFirewallStore",
"ChildIpAddressBlock",
"ChildIpAddressPool",
"ChildIpv6DadProfile",
"ChildIpv6NdraProfile",
"ChildL7AccessProfile",
"ChildLBAppProfile",
"ChildLBClientSslProfile",
"ChildLBMonitorProfile",
"ChildLBPersistenceProfile",
"ChildLBPool",
"ChildLBServerSslProfile",
"ChildLBService",
"ChildLBVirtualServer",
"ChildLimit",
"ChildLiveTraceConfig",
"ChildMacDiscoveryProfile",
"ChildMetadataProxyConfig",
"ChildOpsGlobalConfig",
"ChildPolicyBaseHostSwitchProfile",
"ChildPolicyContextProfile",
"ChildPolicyDnsForwarderZone",
"ChildPolicyDraft",
"ChildPolicyFirewallIpReputationConfig",
"ChildPolicyFirewallScheduler",
"ChildPolicyFirewallSessionTimerProfile",
"ChildPolicyHostTransportNodeProfile",
"ChildPolicyIgmpProfile",
"ChildPolicyLabel",
"ChildPolicyLatencyStatProfile",
"ChildPolicyManualHealthCheck",
"ChildPolicyPimProfile",
"ChildPolicyServiceChain",
"ChildPolicyTransportZoneProfile",
"ChildPortMirroringProfile",
"ChildQoSProfile",
"ChildRealTimeEthProfile",
"ChildSegment",
"ChildSegmentSecurityProfile",
"ChildService",
"ChildServiceReference",
"ChildShare",
"ChildSite",
"ChildSpan",
"ChildSpoofGuardProfile",
"ChildStaticMimeContent",
"ChildTier0",
"ChildTier1",
"ChildTlsCertificate",
"ChildTlsCrl",
"ChildTlsCsr",
"ChildTlsPolicy",
"ChildTlsProfile",
"ChildTraceflowConfig",
"ChildVMTagReplicationPolicy",
"ChildVniPoolConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource"
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domains": {
"description": "This field is used while creating or updating the infra space.",
"items": {
"$ref": "Domain"
},
"required": false,
"title": "Domains for infra",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object get deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified locally by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Infra",
"type": "object"
}
InfraSecurityConfig (type)
{
"extends": {
"$ref": "ManagedResource"
},
"id": "InfraSecurityConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"automatic_appliance_certificate_renewal_enabled": {
"description": "When this flag is set to true, NSX will periodically check if any of the appliance certificates used for NSX internal communications are about to expire. If any are due to expire, new certificates will be created and installed automatically. If not provided, this defaults to true.",
"nsx_feature": "CertificateAutoReplace",
"readonly": false,
"title": "Renew appliance certificates automatically",
"type": "boolean"
},
"automatic_appliance_certificate_renewal_lead_time": {
"description": "The number of days before certificate expiration that NSX will automatically renew expiring appliance certificates. By default, this is 31 days.",
"minimum": 31,
"nsx_feature": "CertificateAutoReplace",
"readonly": false,
"title": "Lead time for automatic renewal of appliance certificates",
"type": "int"
},
"ca_signed_only": {
"description": "When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. Since this check has now moved to the compliance-report, enabling this check is no longer required if the NDcPP Security alarms have been enabled.",
"readonly": false,
"title": "A flag to indicate whether the server certs are only allowed to be ca-signed.",
"type": "boolean"
},
"crl_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. Setting this property to false results in lower security. It is not advisable to import certificate without CRL info while CRL checking is deactivated, and then re-enable CRL checking.",
"readonly": false,
"title": "A flag to indicate whether the Java trust-managers check certificate revocation",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"eku_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. Since this check has now moved to the compliance-report, enabling/disabling this flag no longer has any effect when applying certificates.",
"readonly": false,
"title": "A flag to indicate whether the Extended Key Usage extension in the certificate is checked.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for security purposes, like trust store and trust manager.",
"type": "object"
}
IngressBroadcastRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter"
},
"id": "IngressBroadcastRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressBroadcastRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in kb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrition": "Set custom burst_size for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"desription": "Set custom peak_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in kb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in kb/s",
"type": "object"
}
IngressBroadcastRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper"
},
"id": "IngressBroadcastRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "IngressBroadcastRateShaper"
},
"properties": {
"average_bandwidth_kbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in kb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_kbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in kb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in kb/s",
"type": "object"
}
IngressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter"
},
"id": "IngressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"description": "You can use the average bandwidth to reduce network congestion.",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"description": "The burst duration is set in the burst size setting.",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"description": "The peak bandwidth rate is used to support burst traffic.",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in Mb/s",
"type": "object"
}
IngressRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper"
},
"id": "IngressRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "IngressRateShaper"
},
"properties": {
"average_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in Mb/s",
"type": "object"
}
InitiateClusterRestoreRequest (type)
{
"id": "InitiateClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address or FQDNv6 of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IPv6 address or FQDNv6 of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "Unique id of the backed-up configuration from which\nthe appliance will be restored\n",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp",
"readonly": true,
"required": true,
"title": "Timestamp of the backed-up configuration from which\nthe appliance will be restored\n"
}
},
"type": "object"
}
Injection (type)
{
"additionalProperties": false,
"description": "Injection holding a key and a corresponding value.",
"id": "Injection",
"module_id": "PolicyReaction",
"properties": {
"key": {
"description": "Injection key.",
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"$ref": "InjectionValue",
"description": "Injection value.",
"required": true,
"title": "Value"
}
},
"title": "Injection",
"type": "object"
}
InjectionValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Injection Value.",
"id": "InjectionValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Injection Value resource type.",
"enum": [
"UnaryOperationBasedInjectionValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Injection Value",
"type": "object"
}
InstallUpgradeServiceProperties (type)
{
"additionalProperties": false,
"id": "InstallUpgradeServiceProperties",
"properties": {
"enabled": {
"required": true,
"title": "True if service enabled; otherwise, false",
"type": "boolean"
},
"enabled_on": {
"readonly": true,
"title": "IP of manager on which install-upgrade is enabled",
"type": "string"
}
},
"title": "install-upgrade service properties",
"type": "object"
}
InstanceDeploymentConfig (type)
{
"description": "The Instance Deployment Config contains settings that is applied during install time.",
"id": "InstanceDeploymentConfig",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"compute_id": {
"description": "Resource Pool or Compute Id.",
"readonly": false,
"required": true,
"title": "compute id",
"type": "string"
},
"context_id": {
"description": "Context Id or VCenter Id.",
"readonly": false,
"required": true,
"title": "Context Id",
"type": "string"
},
"host_id": {
"description": "The service VM will be deployed on the specified host in the specified server within the cluster if host_id is specified. Note: You must ensure that storage and specified networks are accessible by this host.",
"readonly": false,
"required": false,
"title": "Host id",
"type": "string"
},
"storage_id": {
"description": "Storage Id.",
"readonly": false,
"required": true,
"title": "storage id",
"type": "string"
},
"vm_nic_infos": {
"description": "List of NIC information for VMs",
"items": {
"$ref": "VmNicInfo"
},
"maxItems": 2,
"minItems": 1,
"readonly": false,
"required": true,
"title": "List of VM NIC information",
"type": "array"
}
},
"title": "Instance Deployment Config",
"type": "object"
}
InstanceEndpoint (type)
{
"description": "An InstanceEndpoint belongs to one ServiceInstance and represents a redirection target for a Rule. For Example - It can be an L3 Destination. Service Attachments is required for a InstanceEndpoint of type LOGICAL, and deployed_to if its a VIRTUAL InstanceEndpoint.",
"extends": {
"$ref": "ManagedResource"
},
"id": "InstanceEndpoint",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endpoint_type": {
"default": "LOGICAL",
"description": "LOGICAL - It must be created with a ServiceAttachment and identifies a destination connected to the Service Port of the ServiceAttachment, through the ServiceAttachment's Logical Switch. VIRTUAL - It represents a L3 destination the router can route to but does not provide any further information about its location in the network. Virtual InstanceEndpoints are used for redirection targets that are not connected to Service Ports, such as the next-hop routers on the Edge uplinks.",
"enum": [
"LOGICAL",
"VIRTUAL"
],
"readonly": false,
"required": false,
"title": "Instance Endpoint Type",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"link_ids": {
"description": "Link Ids are mandatory for VIRTUAL Instance Endpoint. Even though VIRTUAL, the Instance Endpoint should be connected/accessible through an NSX object. The link id is this NSX object id. Example - For North-South Service Insertion, this is the LogicalRouter Id through which the targetIp/L3 destination accessible.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Link Id list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_attachments": {
"description": "Id(s) of the Service Attachment where this enndpoint is connected to. Service Attachment is mandatory for LOGICAL Instance Endpoint.",
"items": {
"$ref": "ResourceReference"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Service Attachment list",
"type": "array"
},
"service_instance_id": {
"description": "The Service instancee with which the instance endpoint is associated.",
"readonly": true,
"required": false,
"title": "Service instance Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "Target IPs on an interface of the Service Instance.",
"items": {
"$ref": "IPInfo"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Target IPs",
"type": "array"
}
},
"title": "EndPoint of an Instance",
"type": "object"
}
InstanceEndpointListResult (type)
{
"description": "List of instance endpoints.",
"extends": {
"$ref": "ListResult"
},
"id": "InstanceEndpointListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of instance endpoints.",
"items": {
"$ref": "InstanceEndpoint"
},
"readonly": true,
"required": true,
"title": "Instance End Point list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Instance Endpoint List",
"type": "object"
}
InstanceRuntime (type)
{
"description": "A Service Runtime is the runtime entity associated with ever Service-VM deployed.",
"extends": {
"$ref": "ManagedResource"
},
"id": "InstanceRuntime",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp",
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_collection_id": {
"description": "Resource Pool or cluster Id.",
"readonly": true,
"required": false,
"title": "Compute Collection Id",
"type": "string"
},
"deployment_status": {
"description": "Service-Instance Runtime deployment status of the Service-VM. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment of VM.",
"enum": [
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Instance Runtime deployment status",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_message": {
"description": "Error message for the Service Instance Runtime if any.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"maintenance_mode": {
"description": "The maintenance mode indicates whether the corresponding service VM is in maintenance mode. The service VM will not be used to service new requests if it is in maintenance mode.",
"enum": [
"OFF",
"ENTERING",
"ON",
"EXITING"
],
"readonly": true,
"required": false,
"title": "Instance Runtime maintenance mode",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_health_status_by_partner": {
"description": "Service-Instance runtime health status set by partner to indicate whether the service is running properly or not.",
"enum": [
"HEALTHY",
"STOPPED",
"NOT_RESPONDING"
],
"readonly": true,
"required": false,
"title": "Instance runtime health status set by partner",
"type": "string"
},
"runtime_status": {
"description": "Service-Instance Runtime status of the deployed Service-VM.",
"enum": [
"IN_SERVICE",
"OUT_OF_SERVICE",
"NEEDS_ATTENTION",
"NOT_AVAILABLE"
],
"readonly": true,
"required": false,
"title": "Instance Runtime Status",
"type": "string"
},
"service_instance_id": {
"description": "Id of an instantiation of a registered service.",
"readonly": true,
"required": false,
"title": "Service instance id",
"type": "string"
},
"service_vm_id": {
"description": "Service-VM/SVM id of deployed virtual-machine.",
"readonly": true,
"required": false,
"title": "Service VM id",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC.",
"readonly": true,
"required": false,
"title": "Storage Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag"
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unhealthy_reason": {
"description": "Reason provided by partner for the service being unhealthy. This could be due to various reasons such as connectivity lost as an example.",
"readonly": true,
"required": false,
"title": "Reason for service status when unhealthy",
"type": "string"
},
"vm_nic_info": {
"$ref": "VmNicInfo",
"readonly": true,
"required": false,
"title": "VM NIC info"
}
},
"title": "Runtime of a Service-Instance.",
"type": "object"
}
InstanceRuntimeListResult (type)
{
"additionalProperties": false,
"description": "Result of List of InstanceRuntimes",
"extends": {
"$ref": "ListResult"
},
"id": "InstanceRuntimeListResult",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink"
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink",
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing InstanceRuntimes in database",
"items": {
"$ref": "InstanceRuntime"
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "InstanceRuntime list result",
"type": "object"
}
InstanceRuntimeStatistic (type)
{
"description": "Statistics for data NICs on an instance runtime",
"id": "InstanceRuntimeStatistic",
"module_id": "PolicyServiceInsertion",
"properties": {
"interface_statistics": {
"description": "List of statistics for all data NICs on a runtime.",
"items": {
"$ref": "RuntimeInterfaceStatistics"
},
"readonly": true,
"title": "List of statistics for all NICs",
"type": "array"
},
"primary_runtime_stats": {
"description": "Specifies whether statistics are for primary runtime.",
"readonly": true,
"title": "Specifies whether statistics are for primary",
"type": "boolean"
},
"runtime_id": {
"description": "Id of the instance runtime",
"readonly": true,
"title": "Id of the instance runtime",
"type": "string"
},
"runtime_name": {
"description": "Name of the instance runtime",
"readonly": true,
"title": "Name of the instance runtime",
"type": "string"
}
},
"title": "Instance runtime statistic",
"type": "object"
}
InstructionInfo (type)
{
"id": "InstructionInfo",
"module_id": "ClusterRestore",
"properties": {
"actions": {
"description": "A list of actions that are to be applied to resources",
"help_detail": "This attribute lists actions that are to be applied to the resources\nreferenced in the \"resources\" attribute. There is an m x n relationship\nbetween these actions and resources.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Actions list",
"type": "array"
},
"fields": {
"description": "A list of fields that are displayable to users in a table",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Displayable fields",
"type": "array"
},
"id": {
"readonly": true,
"required": true,
"title": "UUID of the instruction",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "Instruction name",
"type": "string"
}
},
"title": "Details of the instructions displayed during restore process",
"type": "object"
}
IntegerArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of values",
"extends": {
"$ref": "ConstraintValue"
},
"id": "IntegerArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "IntegerArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "Array of integer values",
"items": {
"type": "int"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of Integer",
"type": "array"
}
},
"title": "Array of Integer Values to perform operation",
"type": "object"
}
IntelligenceClusterNodeVMFormFactor (type) (Deprecated)
{
"deprecated": true,
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. Enum value SMALL, LARGE and EXTRA_LARGE will be deprecated.",
"enum": [
"EVALUATION",
"STANDARD",
"ADVANCED",
"SMALL",
"LARGE",
"EXTRA_LARGE"
],
"id": "IntelligenceClusterNodeVMFormFactor",
"title": "Supported VM form factor for NSX-Intelligence cluster nodes",
"type": "string"
}
IntelligenceFormFactor (type)
{
"additionalProperties": false,
"description": "Napp cluster form factor",
"id": "IntelligenceFormFactor",
"properties": {
"default_worker_count": {
"description": "Default number of Napp worker nodes.",
"readonly": true,
"title": "Default number of Napp worker nodes.",
"type": "integer"
},
"disk": {
"description": "Disk size of the Napp worker nodes in GBs.",
"readonly": true,
"title": "Disk size of the Napp worker nodes in GBs",
"type": "integer"
},
"memory": {
"description": "Memory size of the Napp worker nodes in GBs",
"readonly": true,
"title": "Memory size of the Napp worker nodes in GBs",
"type": "integer"
},
"type": {
"$ref": "IntelligenceClusterNodeVMFormFactor",
"description": "NSX Intelligence node form factor type",
"readonly": true,
"title": "Napp cluster form factor type"
},
"vcpu": {
"description": "Number of virtual cpus on the Napp worker nodes",
"readonly": true,
"title": "Number of virtual cpus on the Napp worker nodes",
"type": "integer"
}
},
"title": "Napp cluster form factor",
"type": "object"
}
IntelligenceFormFactors (type)
{
"id": "IntelligenceFormFactors",
"properties": {
"form_factors": {
"items": {
"$ref": "IntelligenceFormFactor"
},
"title": "Napp cluster form factor list",
"type": "array"
}
},
"title": "Napp cluster form factors list result",
"type": "object"
}
IntentEnforcementPointListRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing intent path and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters"
},
"id": "IntentEnforcementPointListRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"required": true,
"title": "String path of the intent object",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing intent path and enforcement point path",
"type": "object"
}
IntentPathRequestParameter (type)
{
"description": "Intent path for which state/realized entities would be fetched.",
"id": "IntentPathRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site",
"type": "string"
}
},
"title": "Parameter to filter realized entities by intent path",
"type": "object"
}
IntentPathRequestParams (type)
{
"additionalProperties": false,
"description": "Request parameter containing intent path",
"id": "IntentPathRequestParams",
"module_id": "PolicyIpam",
"nsx_feature": "IpBlockQuota",
"properties": {
"intent_path": {
"required": true,
"title": "String path of the intent object",
"type": "string"
}
},
"title": "Request parameter containing intent path",
"type": "object"
}
IntentRuntimeRequestParameters (type)
{
"description": "Request parameters that represents a an intent path.",
"id": "IntentRuntimeRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Policy Path referencing an intent object.",
"required": true,
"title": "Policy Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site from where the realization status needs to be fetched",
"type": "string"
}
},
"title": "Request Parameters for Intent Runtime Information",
"type": "object"
}
IntentStatusRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a binding between an intent path and whether the enforcement point specific status shall be retrieved from the enforcement point or not. A request can be parameterized with this pair and will be evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent with no enforced statuses' details returned. - <intent_path, include_enforced_status=true>: the request is evaluated on all enforcement points for the given intent with enforced statuses' details returned.",
"extends": {
"$ref": "IntentRuntimeRequestParamete