NSX-T Data Center REST API
ALBAuthToken (schema)
Auth Token
ALB Auth Token
| Name | Description | Type | Notes |
|---|---|---|---|
| expires_at | Expiry time of the token Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. |
string | |
| hours | hours Hours to validate the token |
string | Required |
| token | Token for Avi Controller Token for Avi Controller. |
string | |
| username | username controller username. |
string | Required |
ALBControllerAdminCredential (schema)
ALBControllerAdminCredential
Advanced Load Balancer Controller admin user credential for validation.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| password | Password Password for the NSX Advanced Load Balancer Controller Cluster admin user. |
secure_string | Required |
ALBControllerBackupConfiguration (schema)
ALBControllerBackupConfiguration
Advanced Load Balancer Controller Backup Configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_location | Directory in backup server Directory in backup server. |
string | Required |
| backup_passphrase | Passphrase for in the backup Passphrase for in the backup. |
secure_string | Required |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| password | Backup server password Backup server password. |
secure_string | Required |
| server_address | Backup server address Backup server address. |
HostnameOrIPv4Address | Required |
| username | Backup server username Backup server username. |
string | Required |
ALBControllerCertificate (schema)
ALBControllerCertificate
Advanced Load Balancer Controller portal certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| cert | Advanced Load Balancer Controller portal certificate or CSR Advanced Load Balancer Controller portal certificate or CSR. |
string | |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| csr | Advanced Load Balancer Controller portal certificate or CSR Advanced Load Balancer Controller portal certificate or CSR. |
string | |
| name | Name of Advanced Load Balancer Controller portal certificate or CSR Name of Advanced Load Balancer Controller portal certificate or CSR. |
string | Required |
ALBControllerCertificateCsr (schema)
ALBControllerCertificateCsr
CSR for Advanced Load Balancer Controller portal certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| algorithm | Algorithm for Advanced Load Balancer Controller portal certificate Algorithm for Advanced Load Balancer Controller portal certificate. |
string | |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| common_name | Common name for Advanced Load Balancer Controller portal certificate Common name for Advanced Load Balancer Controller portal certificate. |
string | Required |
| country | Country name for Advanced Load Balancer Controller portal certificate Country name for Advanced Load Balancer Controller portal certificate. |
string | |
| Email for Advanced Load Balancer Controller portal certificate Email for Advanced Load Balancer Controller portal certificate. |
string | ||
| key_size | Key size for Advanced Load Balancer Controller portal certificate Key size for Advanced Load Balancer Controller portal certificate. |
string | |
| locality | Location or region for Advanced Load Balancer Controller portal certificate Location or region for Advanced Load Balancer Controller portal certificate. |
string | |
| organization | Organization for Advanced Load Balancer Controller portal certificate Organization for Advanced Load Balancer Controller portal certificate. |
string | |
| organization_unit | Organization unit for Advanced Load Balancer Controller portal certificate Organization unit for Advanced Load Balancer Controller portal certificate. |
string | |
| state_name | State name for Advanced Load Balancer Controller portal certificate State name for Advanced Load Balancer Controller portal certificate. |
string | |
| subject_alt_names | List of SAN for Advanced Load Balancer Controller portal certificate List of SAN for Advanced Load Balancer Controller portal certificate. |
array of string |
ALBControllerCertificateParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ca_only | Add given CA certificate to NSX Truststore If set to True, given CA certificate will be added to NSX truststore, no certificate install will be performed on Advanced Load Balancer Controller. |
boolean |
ALBControllerClusterInfo (schema)
Advanced Load Balancer controller cluster info
Advanced Load Balancer controller cluster information about nodes in the cluster and cluster information.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_name | Advanced Load Balancer controller cluster name Advanced Load Balancer controller cluster name. |
string | Readonly |
| cluster_state | Advanced Load Balancer controller cluster state Advanced Load Balancer controller cluster state. |
string | Readonly |
| cluster_uuid | ID of the cluster used to recognize it ID of the Cluster maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| error | Advanced Load Balancer controller cluster error Advanced Load Balancer controller cluster error information, if any. |
AlbControllerClusterRuntimeError | Readonly |
| nodes | Advanced Load Balancer controller node information | array of ALBControllerNodeInfo | |
| reason | Advanced Load Balancer cluster state not STABLE reason. Advanced Load Balancer cluster state not STABLE reason. |
string | Readonly |
| version | Advanced Load Balancer controller cluster version Advanced Load Balancer controller cluster version. |
string | Readonly |
| virtual_ip | Advanced Load Balancer controller cluster VIP Advanced Load Balancer controller cluster virtual_ip. |
IPAddress | Readonly |
ALBControllerClusterNodeVMFormFactor (schema)
Supported VM form factor for Advanced Load Balancer controller
Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBControllerClusterNodeVMFormFactor | Supported VM form factor for Advanced Load Balancer controller Specifies the desired "size" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. |
string | Enum: SMALL, MEDIUM, LARGE, XLARGE, CUSTOM |
ALBControllerClusterTrigger (schema)
Advanced Load Balancer controller node clustering trigger response
Advanced Load Balancer controller node clustering trigger response.
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Advanced Load Balancer controller node clustering trigger status Advanced Load Balancer controller node clustering trigger status. |
string | Readonly |
ALBControllerClusteringParameters (schema)
Filtering parameters for Advanced Load Balancer controller clusters.
Parameters for filtering the Advanced Load Balancer controller clusters.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned. |
string |
ALBControllerConfiguration (schema)
ALBControllerConfiguration
Alb Controller config details
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_ip | Cluster IP of Advanced Load Balancer controller cluster The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. |
IPAddress | Required |
| default_cert | Advanced Load Balancer controller using default portal certificate. Advanced Load Balancer controller using default portal certificate. |
string | Enum: True, False |
| dns_servers | DNS servers. List of DNS servers. |
array of IPv4Address | |
| infra_admin_password | Advanced Load Balancer controller admin password Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. |
secure_string | Required |
| infra_admin_username | Username Username for server authentication. |
secure_string | Required |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPv4Address | |
| owned_by | owned_by OnBoarding workflow initiates by VCF/Others. |
string | Required Enum: LCM, VCF |
ALBControllerNodeFormFactor (schema)
Advanced Load Balancer controller node form factor
Advanced Load Balancer node form factor.
| Name | Description | Type | Notes |
|---|---|---|---|
| disk | Disk size of the Advanced Load Balancer controller node in Bytes Disk size of the Advanced Load Balancer controller node in Bytes. |
integer | Readonly |
| memory | Memory size of the Advanced Load Balancer controller node in Bytes Memory size of the Advanced Load Balancer controller node in Bytes. |
integer | Readonly |
| type | Advanced Load Balancer controller node form factor type Advanced Load Balancer controller node form factor type. |
ALBControllerClusterNodeVMFormFactor | Readonly |
| vcpu | Number of virtual cpus on the Advanced Load Balancer controller node Number of virtual cpus on the Advanced Load Balancer controller node. |
integer | Readonly |
ALBControllerNodeFormFactorParameters (schema)
Filtering parameters for NSX Advanced Load Balancer Controller Form Factors.
parameters for NSX Advanced Load Balancer Controller Form Factors.
| Name | Description | Type | Notes |
|---|---|---|---|
| alb_major_version | Major release version of NSX Advanced Load Balancer Controller for which form factor details will be returned. Major release version of NSX Advanced Load Balancer Controller for which form factor details will be returned. |
string |
ALBControllerNodeFormFactors (schema)
Advanced Load Balancer controller form factors list result
| Name | Description | Type | Notes |
|---|---|---|---|
| form_factors | Advanced Load Balancer controller form factor list | array of ALBControllerNodeFormFactor |
ALBControllerNodeInfo (schema)
Information for Advanced Load Balancer controller nodes
Advanced Load Balancer controller node information like node IP and node name.
| Name | Description | Type | Notes |
|---|---|---|---|
| is_dhcp | Is DHCP based IP assignment Advanced Load Balancer controller node IP configuration is static or DHCP. |
boolean | Readonly |
| node_ip | Advanced Load Balancer controller node IP Advanced Load Balancer controller node IP. |
IPAddress | Readonly |
| node_name | Advanced Load Balancer controller node name Advanced Load Balancer controller node name. |
string | Readonly |
| node_role | Advanced Load Balancer controller node role Advanced Load Balancer controller node role in cluster. |
string | Readonly |
| node_start_time | Advanced Load Balancer controller node start time Advanced Load Balancer controller node start time in its local timezone. |
EpochMsTimestamp | Readonly |
| node_state | Advanced Load Balancer controller node state Advanced Load Balancer controller node current state in the cluster. |
string | Readonly |
| vm_id | ID of VM used to recognize it ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ALBControllerNodeParameters (schema)
List parameters for Advanced Load Balancer controller nodes
Parameters for listing the Advanced Load Balancer controller nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned. |
string | |
| state | the current state of the Advanced Load Balancer controller VM If state is pending then pending requests for Advanced Load Balancer controller VMs are shown. If state is deployed then deployed requests for Advanced Load Balancer controller VMs are shown. else show all the Advanced Load Balancer controller deployment requests. |
string | Enum: DEPLOYED, PENDING |
ALBControllerNodeUserSettings (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| admin_password | Advanced Load Balancer controller admin password Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. |
secure_string | Required |
| admin_ssh_key | Admin User SSH key To configure ssh into the Advanced Load Balancer controller, this property is required. |
string |
ALBControllerNodeVMClusterConfig (schema)
Info for Advanced Load Balancer controller node cluster configuration
Contains the cluster configuration for a Advanced Load Balancer controller node VM cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cluster_ip | Cluster IP of Advanced Load Balancer controller cluster The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. |
IPAddress | Required |
| cluster_name | Cluster name of Advanced Load Balancer controller cluster The cluster name of the Advanced Load Balancer controller node cluster. |
string | |
| cluster_uuid | ID of the Advanced Load Balancer controller cluster used to recognize it ID of the Cluster maintained internally. This is different from cluster_uuid internal to Advanced Load Balancer controller. Note: This is automatically generated and cannot be modified. |
string | Readonly |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ALBControllerNodeVMClusterConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ALBControllerNodeVMDeletionParameters (schema)
Parameters for deleting a deployed Advanced Load Balancer Controller
Parameters for deletion of a Advanced Load Balancer controller node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| force_delete | Delete by force If true, the VM will be undeployed even if it cannot be removed from its cluster. |
boolean | |
| inaccessible | Delete when controller is inaccessible If inaccessible is provided along with force_delete and if this is the last node then deployment request will be deleted from NSX even if Policy objects are present. |
string |
ALBControllerNodeVMDeploymentConfig (schema)
Configuration for deploying Advanced Load Balancer controller node VM
Contains info used to configure the VM on deployment.
This is an abstract type. Concrete child types:
AlbControllerVsphereClusterNodeVmDeploymentConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| placement_type | Type of deployment Specifies the config for the platform through which to deploy the VM. |
string | Required Enum: AlbControllerVsphereClusterNodeVmDeploymentConfig |
ALBControllerNodeVMDeploymentProgressState (schema)
Deployment progress of Advanced Load Balancer controller VM
Deployment progress state of Advanced Load Balancer controller VM. This Object contains name of current deployment step and overall progress percentage.
| Name | Description | Type | Notes |
|---|---|---|---|
| current_step_title | Name of the current step Name of the current running step of deployment |
string | Readonly |
| progress | Progress percentage Overall progress percentage of deployment completed |
integer | Readonly |
ALBControllerNodeVMDeploymentRequest (schema)
Info for Advanced Load Balancer controller node deployment request
Contains the deployment information for a Advanced Load Balancer controller node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| deployment_config | Deployment config for Advanced Load Balancer controller node VM Deployment information and basic configuration for the Advanced Load Balancer controller. |
ALBControllerNodeVMDeploymentConfig (Abstract type: pass one of the following concrete types) AlbControllerVsphereClusterNodeVmDeploymentConfig |
Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| form_factor | Form factor for Advanced Load Balancer controller VMs. Specifies the desired "size" of the VM |
ALBControllerClusterNodeVMFormFactor | Default: "LARGE" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ALBControllerNodeVMDeploymentRequest | string | |
| sddc_manager | FQDN or IP of SDDC Manager for VCF workflow. FQDN or IP of SDDC Manager for VCF workflow |
HostnameOrIPv4Address | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| user_settings | User settings for the VM SSH key and password for the Advanced Load Balancer controller node VM. Note: SSH key settings will be honored only during VM deployment. |
ALBControllerNodeUserSettings | Required |
| vm_id | ID of Advanced Load Balancer controller VM used to recognize it ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ALBControllerNodeVMDeploymentRequestList (schema)
ALBControllerNodeVMDeploymentRequest list
List of Advanced Load Balancer Controller Deployment Requests.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of existing Advanced Load Balancer Controller Deployment Requests. |
array of ALBControllerNodeVMDeploymentRequest | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ALBControllerNodeVMDeploymentStatusReport (schema)
Report of a VM's deployment status
Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_progress_state | Deployment progress state of node VM Detailed progress state of node VM deployment realization. |
ALBControllerNodeVMDeploymentProgressState | Readonly |
| failure_code | Error code for failure In case of auto-deployment-related failure, the code for the error will be stored here. |
integer | |
| failure_message | Error message for failure In case of auto-deployment-related failure, an error message will be stored here. |
string | |
| status | Auto-deployed VM's deployment status Status of the addition or deletion of an auto-deployed Advanced Load Balancer controller node VM. |
string | Required Enum: NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, VM_POWER_ON_SUCCESSFUL, VM_REGISTRATION_IN_PROGRESS, VM_REGISTRATION_SUCCESSFUL, VM_REGISTRATION_FAILED, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_CONFIGURATION_IN_PROGRESS, VM_CONFIGURATION_SUCCESSFUL, VM_CONFIGURATION_FAILED, VM_CLUSTERING_QUEUED, VM_CLUSTERING_IN_PROGRESS, VM_CLUSTERING_SUCCESSFUL, VM_CLUSTERING_FAILED, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, WAITING_TO_UNDEPLOY_VM, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, UNKNOWN_STATE |
ALBControllerNodeVMUpdateParameters (schema)
Parameters for updating Advanced Load Balancer Controller request
Parameters for updating Advanced Load Balancer Controller node VM password,
DNS and NTP related configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| running_config | Update Advanced Load Balancer Controller runtime config as well If true, then the configuration will be updated in the running Advanced Load Balancer Controllers as well. |
boolean |
ALBControllerSystemConfiguration (schema)
ALBControllerSystemConfiguration
Advanced Load Balancer Controller System Configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_server_config | Backup server configuration for Advanced Load Balancer Controller Backup server configuration for Advanced Load Balancer Controller. |
ALBControllerBackupConfiguration | |
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| dns_servers | DNS servers. List of DNS servers. |
array of IPv4Address | |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPv4Address |
ALBControllerSystemConfigurationResponse (schema)
Advanced Load Balancer controller node system configuration update response
Advanced Load Balancer controller node system configuration update response.
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Advanced Load Balancer controller node system configuration update status Advanced Load Balancer controller node system configuration update status. |
string | Readonly |
ALBControllerUserCredential (schema)
ALBControllerServiceUserCredential
Advanced Load Balancer Controller service user credential.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_id | Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX. |
string | Readonly |
| password | Password Password for the user credential object. |
secure_string | Required |
| user_credential_type | Type of user credential Type of user credential. |
string | Required Enum: CONTROLLER_ADMIN_USER_CREDENTIAL, VCENTER_SERVICE_USER_CREDENTIAL, NSX_SERVICE_USER_CREDENTIAL |
| username | Username Username for the credential object. |
string | Required |
ALBControllerUserCredentialResponse (schema)
ALBControllerUserCredentialResponse
Advanced Load Balancer Controller service user credential response
| Name | Description | Type | Notes |
|---|---|---|---|
| user_credential_type | Type of user credential Type of user credential. |
string | Required Enum: CONTROLLER_ADMIN_USER_CREDENTIAL, VCENTER_SERVICE_USER_CREDENTIAL, NSX_SERVICE_USER_CREDENTIAL |
| username | Username Username for the user credential object. |
string | Required |
ALBEnforcementPointState (schema)
Enforcement point state for ALB
Valid ENUM values for ALBEnforcementPointState
| Name | Description | Type | Notes |
|---|---|---|---|
| ALBEnforcementPointState | Enforcement point state for ALB Valid ENUM values for ALBEnforcementPointState |
string | Enum: ACTIVATE, DEACTIVATE_PROVIDER, DEACTIVATE_API |
ALGTypeNSService (schema)
An NSService element that represents an ALG protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| alg | The Application Layer Gateway (ALG) protocol The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead. |
string | Required Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP |
| destination_ports | The destination_port cannot be empty and must be a single value. | array of PortElement | Required Minimum items: 1 Maximum items: 15 |
| resource_type | Must be set to the value ALGTypeNSService | string | Required Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService |
| source_ports | Source ports | array of PortElement | Maximum items: 15 |
ALGTypeServiceEntry (schema)
An ServiceEntry that represents an ALG protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alg | The Application Layer Gateway (ALG) protocol The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead. |
string | Required Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_ports | The destination_port cannot be empty and must be a single value. | array of PortElement | Required Minimum items: 1 Maximum items: 1 |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ALGTypeServiceEntry | string | Required Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry, NestedServiceServiceEntry |
| source_ports | array of PortElement | Maximum items: 15 | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AbstractSpace (schema)
The space in which policy is being defined
Represents the space in which the policy is being defined.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| connectivity_strategy | Connectivity strategy used by this tenant The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use "allow" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added. |
string | Deprecated Enum: WHITELIST, BLACKLIST, WHITELIST_ENABLE_LOGGING, BLACKLIST_ENABLE_LOGGING, NONE |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value AbstractSpace | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AcceptableComponentVersion (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| acceptable_versions | List of component versions | array of string | Required |
| component_type | Node type | string | Required Enum: HOST, EDGE, CCP, MP |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AcceptableComponentVersion | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AcceptableComponentVersionList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| results | Acceptable version whitelist for different components | array of AcceptableComponentVersion | Required |
Action (schema)
Reaction Action
Reaction Action is the action to take when the stipulated criteria specified
in the event exist over the source. Some example actions include:
- Notify Admin (or VMC's SRE) via email.
- Populate a specific label with the IPSec VPN Session.
- Remove the IPSec VPN Session from a specific label.
This is an abstract type. Concrete child types:
PatchResources
SetFields
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Resource Type Reaction Action resource type. |
string | Required Enum: PatchResources, SetFields |
ActionRequest (schema)
Action request object
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action to be performed Action required to be performed on intent |
string |
ActionableResource (schema)
Resources managed during restore process
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_address | A resource reference on which actions can be performed | string | Format: hostname-or-ip |
| ipv6_address | ipv6 address IPv6 address of the current node |
string | Format: hostname-or-ip |
| resource_type | Must be set to the value ActionableResource | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ActionableResourceListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| instruction_id | Id of the instruction set whose instructions are to be returned | string | Required |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ActionableResourceListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List results | array of ActionableResource | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ActiveDirectoryIdentitySource (schema)
An Active Directory identity source service
An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alternative_domain_names | Additional domains to be directed to this identity source After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes. |
array of string | |
| base_dn | DN of subtree for user and group searches The subtree of the LDAP identity source to search when locating users and groups. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| domain_name | Authentication domain name The name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use. |
string | Required |
| group_cache_ttl | Group cache time-to-live, in seconds NSX keeps a cache of Active Directory group membership for groups that have a configured NSX role, in order to speed up authentication. The cache will be refreshed after the time-to-live has expired. Until the cache is refreshed, any new groups added to Active Directory will not be visible to NSX. By default, the cached is refreshed once per minute. |
int | Default: "60" |
| id | Unique identifier of this resource | string | Sortable |
| ldap_servers | LDAP servers for this identity source The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported. |
array of IdentitySourceLdapServer | Maximum items: 3 |
| resolve_nested_groups | Resolve nested groups If true, NSX will recursively find all groups that the user belongs to, even if the groups are nested. This can perform slowly for users who are in many deeply nested groups. You can disable this option to improve performance, but only the groups that directly contain the user will be considered for access control decisions. |
boolean | Default: "True" |
| resource_type | Must be set to the value ActiveDirectoryIdentitySource | string | Required Enum: ActiveDirectoryIdentitySource, OpenLdapIdentitySource |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ActiveStandbySyncStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description of the status. | string | Required |
| full_sync_status | Status of full sync. | FullSyncStatus | Required |
| is_data_consistent | Indicates whether the data is consistent. Always returned as true when queried on an active Global Manager node. | boolean | Required |
| percentage_completed | Percentage estimate of synchronization progress. Ranges from 0 to 100. This value is only returned when queried on an active Global Manager node. | integer | |
| remaining_entries_to_send | Number of entries pending synchronization. This value is only returned when queried on an active Global Manager node. | integer | |
| standby_site | Name of standby site. | string | Required |
| status | Status of synchronization between active and standby Global Manager nodes. | string | Required Enum: UNAVAILABLE, ERROR, ONGOING, NOT_STARTED |
| sync_type | Type of synchronization currently in effect between active and standby Global Manager nodes. | string | Required Enum: UNAVAILABLE, DELTA_SYNC, FULL_SYNC |
AddALBControllerNodeVMInfo (schema)
Info for AddALBControllerNodeVM
Contains a list of Advanced Load Balancer controller node VM deployment requests.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_requests | List of deployment requests Advanced Load Balancer Controller deployment requests to be deployed by NSX. |
array of ALBControllerNodeVMDeploymentRequest | Required Minimum items: 1 |
AddClusterNodeAction (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | string | Required Enum: add_cluster_node |
AddClusterNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| controller_role_config | AddControllerNodeSpec | ||
| display_name | Display name for the node | string | |
| external_id | External identifier of the node | string | |
| mgr_role_config | AddManagementNodeSpec |
AddClusterNodeVMInfo (schema)
Info for AddClusterNodeVM
Contains a list of cluster node VM deployment requests and optionally
a clustering configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_config | Configuration for auto-clustering of VMs post-deployment This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided. |
ClusteringConfig | Deprecated |
| deployment_requests | List of deployment requests Cluster node VM deployment requests to be deployed by the Manager. |
array of ClusterNodeVMDeploymentRequest | Required Minimum items: 1 |
AddControllerNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_params | Clustering parameters for the node The details of the controller node required for cluster initialization or joining to an existing cluster. If this property is set, the node will be added to an existing cluster or used to create a new cluster. Otherwise no clustering operation/s will be performed. |
ClusteringInfo | |
| control_plane_server_certificate | Deprecated. Do not supply a value for this property. | string | Deprecated |
| host_msg_client_info | MsgClientInfo | Required | |
| mpa_msg_client_info | MsgClientInfo | Required | |
| node_id | Internal identifier of the node Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id. |
string | |
| type | must be set to AddControllerNodeSpec | string | Required Enum: AddControllerNodeSpec |
AddIdsCustomSignatureActionParameter (schema)
Action parameter to add custom signatures
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action to add custom signatures Action to add custom signatures. |
string | Required Enum: ADD_CUSTOM_SIGNATURES |
AddManagementNodeSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cert_thumbprint | The certificate thumbprint of the remote node. | string | |
| mpa_msg_client_info | MsgClientInfo | ||
| password | The password to be used to authenticate with the remote node. | secure_string | Required |
| remote_address | The host address of the remote node to which to send this join request. | IPAddress | Required |
| type | must be set to AddManagementNodeSpec | string | Required Enum: AddManagementNodeSpec |
| user_name | The username to be used to authenticate with the remote node. | string | Required |
AdditionalMetadata (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| edge_number_of_edge_node_cpu_cores | Number of Edge node cores Telemetry info about the 'edge_number_of_edge_node_cpu_cores' |
string | Readonly |
| host_number_of_host_node_cpu_cores | Number of Host node cores Telemetry info about the 'host_number_of_host_node_cpu_cores' |
string | Readonly |
| intelligence_deployed | intelligence deployed Telemetry info about the 'k8s_deployed' |
string | Readonly |
| license_edition_type | license edition types Telemetry info about the 'license_edition_type' |
array of string | Readonly |
| license_key | license keys Telemetry info about the 'license_key' |
array of string | Readonly |
| max_raw_core_count_per_host | Max raw cores count found on host. | string | Readonly |
| max_raw_core_count_per_socket | Max raw cores per socket count found on host. | string | Readonly |
| max_socket_count_per_host | Max socket count found on host. | string | Readonly |
| mps_number_of_dfw_ids_rules_with_custom_mps_profiles | mps number of dfw ids rules with custom mps profiles Telemetry info about the 'mps_number_of_dfw_ids_rules_with_custom_mps_profiles' |
string | Readonly |
| mps_number_of_gateway_ids_rules_with_custom_mps_profiles | mps number of gateway ids rules with custom mps profiles Telemetry info about the 'mps_number_of_gateway_ids_rules_with_custom_mps_profiles' |
string | Readonly |
| mps_total_number_of_profiles | Total number of mps custom and default profiles. Telemetry info about the 'mps_total_number_of_profiles' |
string | Readonly |
| napp_appliance_version | napp version Telemetry info about the 'napp_appliance_version' |
string | Readonly |
| nsx_deployment_id | deployment id Telemetry info about the 'deployment_id' |
string | Readonly |
| nsx_manager_version | nsx manager version Telemetry info about the 'version' |
string | Readonly |
| nsx_site_id | nsx site id NSX default site id. |
string | Readonly |
| nta_enabled | nta enabled true if value of any one of "nta_detectorstate_*" events in SSP telemetry is enabled. Does not show if unable to get events. |
string | Readonly |
| num_edge_baremetal_at_minimum_cores | Number of edge baremetals cores between 8-24 cores. | string | Readonly |
| num_edge_baremetal_at_recommended_cores | Number of edge baremetals cores between 25-80 cores. | string | Readonly |
| num_edge_large_factor | Number of edges with 8 cores. | string | Readonly |
| num_edge_medium_factor | Number of edges with 4 cores. | string | Readonly |
| num_edge_small_factor | Number of edges with 2 cores. | string | Readonly |
| num_edge_xlarge_factor | Number of edges with 16 cores. | string | Readonly |
| number_of_dfw_rules | number of dfw rules Telemetry info about the 'number_of_dfw_rules' |
string | Readonly |
| number_of_firewall_rules | number of firewall rules Telemetry info about the 'number_of_firewall_rules' |
string | Readonly |
| number_of_ids_gateway_rules | number of ids gateway rules Telemetry info about the 'number_of_ids_gateway_rules' |
string | Readonly |
| number_of_ids_security_policies | number of ids security policies Telemetry info about the 'number_of_ids_security_policies' |
string | Readonly |
| number_of_nsgroups | number of NSGroup Telemetry info about the 'number_of_nsgroup' |
string | Readonly |
| number_of_prepared_hosts | number of prepared hosts Telemetry info about the 'number_of_prepared_hosts' |
string | Readonly |
| number_of_tier_0_gateways | number of tier 0 gateways Telemetry info about the 'tier0_gateways' |
string | Readonly |
| number_of_tier_1_gateways | count of number of vms used by this feature Telemetry info about the 'tier1_gateways' |
string | Readonly |
| number_of_virtual_machines | number of virtual machines Telemetry info about the 'number_of_virtual_machines' |
string | Readonly |
| recommendation_sessions_total | recommendation sessions total Telemetry info about the 'recommendation_sessions_total' |
string | Readonly |
| total_firewall_ipfix_profiles | total firewall ipfix profiles Telemetry info about the 'total_firewall_ipfix_profiles' |
string | Readonly |
AdditionalSearchParameters (schema) (Experimental)
Represents search object that provides additional search capabilities
This object presents additional search capabilities over any API through free text query string. e.g. query="Web-VM-1".
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| dsl | Search DSL (domain specific language) query It's human readable and context-based query language for retreiving information from search indices. For example: Find router where ip is 10.10.1.10 |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| query | Search query | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AddressBindingEntry (schema) (Deprecated)
Combination of IP-MAC-VLAN binding
An address binding entry is a combination of the IP-MAC-VLAN binding for
a logical port. The address bindings can be obtained via various methods
like ARP snooping, DHCP snooping etc. or by user configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| binding | Combination of IP-MAC-VLAN binding | PacketAddressClassifier | |
| binding_timestamp | Timestamp of binding Timestamp at which the binding was discovered via snooping or manually specified by the user |
EpochMsTimestamp | |
| source | Address binding source Source from which the address binding entry was obtained |
AddressBindingSource | Default: "UNKNOWN" |
AddressBindingSource (schema) (Deprecated)
Source from which the address binding is obtained
| Name | Description | Type | Notes |
|---|---|---|---|
| AddressBindingSource | Source from which the address binding is obtained | string | Deprecated Enum: INVALID, UNKNOWN, USER_DEFINED, ARP_SNOOPING, DHCP_SNOOPING, VM_TOOLS, ND_SNOOPING, DHCPV6_SNOOPING, VM_TOOLS_V6 |
AddressFamilyType (schema)
Type of Address Family
| Name | Description | Type | Notes |
|---|---|---|---|
| AddressFamilyType | Type of Address Family | string | Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST, L2VPN_EVPN |
AdvanceClusterRestoreInput (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| id | Unique id of an instruction (as returned by the GET /restore/status call) for which input is to be provided | string | Required Readonly |
| resources | List of resources for which the instruction is applicable. | array of SelectableResourceReference | Required |
AdvanceClusterRestoreRequest (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| data | List of instructions and their associated data | array of AdvanceClusterRestoreInput | Required |
AdvanceServiceConfig (schema)
Advanced deployment configuration
Contain optional configuration for deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| kubectl_tool | Filename of uploaded Kubernetes tools | string | Readonly |
| messaging_service_name | Messaging service FQDN FQDN to access kafka messaging service pod. |
string | |
| service_name | Service FQDN FQDN to access deployment pod. |
string |
AdvancedConfig (schema)
These are advanced configuration options.
| Name | Description | Type | Notes |
|---|---|---|---|
| high_performance_config_params | List of parameters that could be used to configure high performance. | array of HighPerformanceConfigParams | |
| high_performance_config_type | Must be set to the value AdvancedConfig | string | Required Enum: ADV_CONFIG, DRIVER_CONFIG, MISC_CONFIG |
| version | Based on the high_performance_config_type, it could be either driver version or host version. For high_performance_config_type as ADV_CONFIG or MISC_CONFIG, this represents host version. For high_performance_config_type as DRIVER_CONFIG, this represents physical NIC driver version. | array of string |
AdvertiseRule (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action to ALLOW or DENY advertisement of routes ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router. |
string | Enum: DENY, ALLOW Default: "ALLOW" |
| description | Description | string | Maximum length: 1024 |
| display_name | Display name | string | Maximum length: 255 |
| networks | network(CIDR) to be routed | array of IPCIDRBlock | Required |
| rule_filter | Rule filter for the advertise rule | AdvertisementRuleFilter |
AdvertiseRuleList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| resource_type | Must be set to the value AdvertiseRuleList | string | |
| rules | List of advertisement rules | array of AdvertiseRule | Minimum items: 0 Default: "[]" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AdvertisedNetworkCsvRecord (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| network | Advertised Network Advertised network address. |
string | Required Readonly |
| rule_filter_type | Advertised rule filter type Advertised rule filter type |
string | Readonly |
| status | Advertisement status of network advertisement status of network to connected gateway SUCCESS - network route successfully plumbed on target gateway DENIED_BY_TARGET_GATEWAY - network denied by target gateway because of in filter rules or missing inter vrf config |
string | Readonly |
AdvertisedNetworksListRequestParameters (schema)
Advertised networks list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AdvertisementConfig (schema)
Advertisement config
Advertisement config for different types of
routes which need to be advertised from TIER1 logical
router to the linked TIER0 logical router
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| advertise_dns_forwarder | Advertise dns forwarder ips Flag to advertise all routes of dns forwarder listener ips and source ips |
boolean | Default: "False" |
| advertise_ipsec_local_ip | Advertise IPSec VPN local endpoint ips Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router |
boolean | Default: "False" |
| advertise_lb_snat_ip | Advertise lb SNAT ips Flag to advertise all lb SNAT ips |
boolean | Default: "False" |
| advertise_lb_vip | Advertise lb vip ips Flag to advertise lb vip ips |
boolean | Default: "False" |
| advertise_nat_routes | Advertise NAT routes Flag to advertise all routes of nat |
boolean | Default: "False" |
| advertise_nsx_connected_routes | Advertise connected routes Flag to advertise all connected routes |
boolean | Default: "False" |
| advertise_static_routes | Advertise static routes Flag to advertise all static routes |
boolean | Default: "False" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Enable advertisement Flag to enable this configuration |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id TIER1 logical router id on which to enable this configuration |
string | Readonly |
| resource_type | Must be set to the value AdvertisementConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AdvertisementRuleFilter (schema)
To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.
| Name | Description | Type | Notes |
|---|---|---|---|
| match_route_types | Array of route types to filter routes | array of AdvertisementRuleFilterRouteType | Required Minimum items: 1 |
| prefix_operator | Prefix operator to apply on networks GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule. |
string | Required Enum: GE, EQ Default: "GE" |
AdvertisementRuleFilterRouteType (schema)
Route types to filter TIER1 LR advertised routes
Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.
| Name | Description | Type | Notes |
|---|---|---|---|
| AdvertisementRuleFilterRouteType | Route types to filter TIER1 LR advertised routes Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised. |
string | Enum: ANY, STATIC, T1_STATIC, NSX_CONNECTED, T1_CONNECTED, T1_NAT, T1_LB_VIP, T1_LB_SNAT, T1_DNSFORWARDER, T1_IPSEC_LOCAL_IP |
AgentResource (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| memory_total | Total available memory Total available memory in kilobytes. |
integer | |
| memory_used | Used memory Used memory in kilobytes. |
integer |
AgentStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| components | agent subcomponent statuses List of agent subcomponent statuses |
array of AgentSubStatus | |
| last_status_changed_time | Timestamp of the last status change, in epoch milliseconds | EpochMsTimestamp | |
| name | Agent name | string | Enum: NSX_AGENT, NSX_OPSAGENT, NSX_CFGAGENT, NSX_NESTDB, NSX_EXPORTER, NSX_VDPI |
| resource_usage | Resource usage of this agent Periodically collected critical resource usage including memory usage. |
AgentResource | |
| status | Agent status | string | Enum: UP, DOWN, UNKNOWN, DEGRADED |
| status_description | Status description Describe what makes the status not UP |
string |
AgentStatusCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| agents | NSX agents status List of agent statuses belonging to the transport node |
array of AgentStatus | |
| degraded_count | Degraded count | int | |
| down_count | Down count | int | |
| last_status_changed_time | Timestamp of the last status change, in epoch milliseconds | EpochMsTimestamp | |
| smartnic_agents | NSX smartnic agents status List of Smartnic agent statuses |
array of SmartnicAgentStatus | |
| status | Roll-up agent status | string | Enum: UP, DOWN, UNKNOWN, DEGRADED |
| up_count | Up count | int |
AgentSubStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| name | Agent subcomponent name | string | |
| status | Agent subcomponent status | string | Enum: UP, DOWN, UNKNOWN |
| status_description | Status description Describe what makes the status not UP |
string |
AggregateDNSForwarderStatistics (schema)
Aggregate of DNS forwarder statistics
Aggregate of DNS forwarder statistics across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
| statistics_per_enforcement_point | List of DNS forwarder statistics per enforcement point List of DNS forwarder statistics per enforcement point. |
array of DNSForwarderStatisticsPerEnforcementPoint (Abstract type: pass one of the following concrete types) NsxTDNSForwarderStatistics |
Readonly |
AggregateDNSForwarderStatus (schema)
Aggregate of DNS forwarder status
Aggregate of DNS forwarder status across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
| status_per_enforcement_point | List of DNS forwarder status per enforcement point List of DNS forwarder status per enforcement point. |
array of DNSForwarderStatusPerEnforcementPoint (Abstract type: pass one of the following concrete types) NsxTDNSForwarderStatus |
Readonly |
AggregateIPSecVpnSessionStatistics (schema)
Aggregate of IPSec VPN session statistics
Provides the following details for an IPSec VPN session across all enforcement points:
- Aggregated statistics of all IPSec tunnels.
- Aggregated statistics of all IPSec tunnels under a policy.
- Individual tunnel statistics under a policy.
- Alarm information details.
- VPN session name.
- IKE status summary.
Note: IKE traffic statistics are not supported.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of IPSec VPN session statistics per enforcement point For every enforcement point, it lists the aggregated IPSec tunnel statistics, policy statistics, IKE status summary, VPN session name and any associated alarm details. |
array of IPSecVpnSessionStatisticsPerEP (Abstract type: pass one of the following concrete types) IPSecVpnSessionStatisticsNsxT |
Readonly |
AggregateIPSecVpnSessionStatus (schema)
Aggregate of IPSec VPN Session Status
Aggregate of IPSec VPN Session Status across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of IPSec VPN Session Status per Enforcement Point List of IPSec VPN Session Status per Enforcement Point. |
array of IPSecVpnSessionStatusPerEP (Abstract type: pass one of the following concrete types) IPSecVpnSessionStatusNsxT |
Readonly |
AggregateL2VPNSessionPeerConfig (schema)
Aggregate of L2VPN Session Peer Config
Aggregate of L2VPN Session peer config across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN Session Peer config per Enforcement Point List of L2VPN Session peer config per Enforcement Point. |
array of L2VPNSessionPeerConfigPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionPeerConfigNsxT |
Readonly |
AggregateL2VPNSessionStatistics (schema)
Aggregate of L2VPN session statistics
Provides the following details for L2VPN sessions across all enforcement points:
- Traffic statistics of an L2VPN tunnel.
- Traffic statistics of all L2VPN stretched segment ports.
- Alarm information details.
- L2VPN session name.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN session statistics per enforcement point For every enforcement point, it lists the VPN session name, alarm details, and statistics of L2VPN tunnels and L2VPN segments. |
array of L2VPNSessionStatisticsPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionStatisticsNsxT |
Readonly |
AggregateL2VPNSessionStatus (schema)
Aggregate of L2VPN Session Status
Aggregate of L2VPN Session Status across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | List of L2VPN Session Status per Enforcement Point List of L2VPN Session Status per Enforcement Point. |
array of L2VPNSessionStatusPerEP (Abstract type: pass one of the following concrete types) L2VPNSessionStatusNsxT |
Readonly |
AggregateL2VpnSessionRemoteMac (schema)
Aggregate of L2Vpn Session Remote Mac
Aggregate of L2Vpn session remote mac across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| l2vpn_session_remote_macs | List of L2Vpn Session remote mac | array of L2VpnSessionRemoteMacPerEP (Abstract type: pass one of the following concrete types) L2VpnSessionRemoteMacNsxT |
Readonly |
AggregateLBNodeUsageSummary (schema)
Aggregate of LBNodeUsageSummary across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBNodeUsageSummary list results LBNodeUsageSummary list results. |
array of LBNodeUsageSummary | Readonly |
AggregateLBPoolStatistics (schema)
Paged Collection of LBPoolStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBPoolStatisticsPerEP list results LBPoolStatisticsPerEP list results. |
array of LBPoolStatisticsPerEP (Abstract type: pass one of the following concrete types) LBPoolStatistics |
Readonly |
AggregateLBPoolStatus (schema)
Paged Collection of LBPoolStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBPoolStatusPerEP list results LBPoolStatusPerEP list results. |
array of LBPoolStatusPerEP (Abstract type: pass one of the following concrete types) LBPoolStatus |
Readonly |
AggregateLBServiceStatistics (schema)
Paged Collection of LBServiceStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceStatisticsPerEP list results LBServiceStatisticsPerEP list results. |
array of LBServiceStatisticsPerEP (Abstract type: pass one of the following concrete types) LBServiceStatistics |
Readonly |
AggregateLBServiceStatus (schema)
Paged Collection of LBServiceStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceStatusPerEP list results LBServiceStatusPerEP list results. |
array of LBServiceStatusPerEP (Abstract type: pass one of the following concrete types) LBServiceStatus |
Readonly |
AggregateLBServiceUsage (schema)
Aggregate of LBServiceUsagePerEP across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBServiceUsagePerEP list results LBServiceUsagePerEP list results. |
array of LBServiceUsagePerEP (Abstract type: pass one of the following concrete types) LBServiceUsage |
Readonly |
AggregateLBVirtualServerStatistics (schema)
Paged Collection of LBVirtualServerStatisticsPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBVirtualServerStatisticsPerEP list results LBVirtualServerStatisticsPerEP list results. |
array of LBVirtualServerStatisticsPerEP (Abstract type: pass one of the following concrete types) LBVirtualServerStatistics |
Readonly |
AggregateLBVirtualServerStatus (schema)
Paged Collection of LBVirtualServerStatusPerEP
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| results | LBVirtualServerStatusPerEP list results LBVirtualServerStatusPerEP list results. |
array of LBVirtualServerStatusPerEP (Abstract type: pass one of the following concrete types) LBVirtualServerStatus |
Readonly |
AggregatePolicyDnsAnswer (schema)
Aggregate of DNS forwarder nslookup answer
Aggregate of DNS forwarder nslookup answer across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| dns_answer_per_enforcement_point | List of DNS forwarder nslookup answer per enforcement point List of DNS forwarder nslookup answer per enforcement point. |
array of PolicyDnsAnswerPerEnforcementPoint | Readonly |
| intent_path | String path of the DNS forwarder intent String path of the DNS forwarder intent. |
string | Required |
AggregatePolicyRuntimeInfo (schema)
Aggregate of PolicyRuntimeInfoPerEP
Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.
| Name | Description | Type | Notes |
|---|---|---|---|
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
AggregateTunnelTrafficStatistics (schema)
Aggregate Tunnel Traffic Statistics object
Provides aggregated traffic statistics of a given tunnel resource type.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Indicates Resource type of tunnel GreTunnelAggregateTrafficStatistics - Resource type as GreTunnelAggregateTrafficStatistics will be used to populate P2P GRE Aggregate Tunnel traffic statistics |
string | Required Enum: GreTunnelAggregateTrafficStatistics |
AggregatedDataCounter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
AggregatedDataCounterEx (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dropped_by_firewall_packets | DfwDropCounters | Readonly | |
| dropped_by_security_packets | PacketsDroppedBySecurity | Readonly | |
| mac_learning | MacLearningCounters | Readonly | |
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
AggregatedFeatureDetailListResult (schema)
Paged Collection of AggregatedFeatureStateDetail
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AggregatedFeatureStateDetail list results | array of AggregatedFeatureStateDetails | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AggregatedFeatureListResult (schema)
Paged Collection of AggregatedFeatureState
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AggregatedFeatureState list results | array of AggregatedFeatureState | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AggregatedFeatureState (schema)
Aggregated Feature State
Feature state aggregating both feature flag and license information
| Name | Description | Type | Notes |
|---|---|---|---|
| feature_name | feature name | string | Required |
| state | Aggregated feature state | string | Required Enum: INCOMPATIBLE, DISABLED_AND_UNLICENSED, ENABLED_ONLY, LICENSED_ONLY, ENABLED_AND_LICENSED |
AggregatedFeatureStateDetails (schema)
Aggregated Feature State Details
Feature state aggregating both feature flag and license information including API details
| Name | Description | Type | Notes |
|---|---|---|---|
| apis | APIs in feature The list of APIs included in the named feature |
array of string | |
| attributes | DTO attributes in feature The list of DTO attributes included in the named feature |
array of string | |
| enum_values | DTO attribute enums in feature The list of DTO attribute enum values included in the named feature |
array of string | |
| feature_name | feature name | string | Required |
| state | Aggregated feature state | string | Required Enum: INCOMPATIBLE, DISABLED_AND_UNLICENSED, ENABLED_ONLY, LICENSED_ONLY, ENABLED_AND_LICENSED |
AggregatedLogicalRouterPortCounters (schema)
Aggregate of logical router port statistics
Provides the following aggregated information of the logical router ports:
- Incoming packet counters on the logical router ports. It includes the total number of packets
received, dropped, and the number of errors and failures causing the drops. The counters are from the
time the logical router port was created. The interface statistics from a given transport node will be
reset on edge reboot or edge dataplane restart of that node.
- Outgoing packet counters on the logical router ports. It includes the total number of packets
sent, dropped, and the number of errors and failures causing the drops. The counters are from the time
logical router port was created. The logical router port statistics from a given transport node will be
reset on edge reboot or edge dataplane restart of that node.
- Some of the packet drop reasons include, the DAD (Duplicate Address Detection) status of the IP
is not in ASSIGNED state, firewall rules, failed to fragment the packet, receive malformed packet,
could not find route to destination, absence of the receiver, insufficient memory, incomplete ARP
resolution of the next-hop, RPF check failure, failed to redirect packet to KNI interface,
TTL exceeded, port does not have a linked peer port and and unsupported - destination, protocol
or L4 port.
- Some of the IPSec packet drop reasons include the missing security association or VTI interface. It
also includes packets dropped due to policy lookup error or block policy.
- Provides the total number of service-insertion, KNI, non-IP and IPv6 packets dropped.
| Name | Description | Type | Notes |
|---|---|---|---|
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
| rx | Packets in statistics Provides the aggregated incoming packet counters on the logical router port. It includes the total number of packets received, dropped, and the number of errors and failures causing the drops. The counters are from the time the logical router port was created. The statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. |
LogicalRouterPortCounters | Readonly |
| tx | Packets out statistics Provides the aggregated outcoming packet counters on the logical router port. It includes the total number of packets sent, dropped, and the number of errors and failures causing the drops. The counters are from the time the logical router port was created. The statistics from a given transport node will be reset on edge reboot or edge dataplane restart of that node. |
LogicalRouterPortCounters | Readonly |
Alarm (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alarm_source | Source identifying entity that the Event instance applies to
If alarm_source_type = INTENT_PATH, this field will contain a list of intent paths for the entity that the event instance applies to. If alarm_source_type = ENTITY_ID, this field will contain a list with a single item identifying the entity id that the event instance applies to. |
array of string | Required Readonly |
| alarm_source_type | Alarm Source type of the Event Type of alarm source of the Event instance. Can be one of - INTENT_PATH, ENTITY_ID. |
AlarmSourceType | Required Readonly |
| description | Detailed description of Alarm Detailed description of Alarm. This is the same detailed description as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| entity_id | The UUID of the entity that the Event instance applies to The entity that the Event instance applies to. Note entity_id may not be included in a response body. For example, the cpu_high Event may not return an entity_id. |
string | Readonly |
| entity_resource_type | The type of entity that the Event instance applies to The entity type that the Event instance applies to. |
string | Readonly |
| event_tags | Tags applicable to the event Tags applicable to event, for example, INFRASTRUCTURE or INTELLIGENCE. |
array of string | Readonly |
| event_type | Name of event Name of Event, e.g. manager_cpu_usage_high, certificate_expired. |
string | Required Readonly |
| event_type_display_name | Display name of event type Display name of Event type. |
string | Required Readonly |
| feature_display_name | Display name of feature Display name of feature defining this Event. |
string | Required Readonly |
| feature_name | Feature defining this event Feature defining this Event, e.g. manager_health, certificates. |
string | Required Readonly |
| id | ID that uniquely identifies an Alarm ID that uniquely identifies an Alarm. |
string | Required Readonly |
| kb_article | Link to knowledge base article KB article link that contains more information on this alarm and recommended actions. Users can refer to the specified link if needed. |
string | Readonly |
| last_reported_time | Last reported time of event instance Indicates when the corresponding Event instance was last reported in milliseconds since epoch. |
EpochMsTimestamp | Readonly |
| node_display_name | Display name of node Display name of node that the event instance applies to. |
string | Readonly |
| node_id | The UUID of the node that the Event instance applies to The UUID of the node that the Event instance applies to. |
string | Required Readonly |
| node_ip_addresses | IP addresses of node IP addresses of node that the event instance applies to. |
array of string | Readonly |
| node_resource_type | The resource type of node that the Event instance applies to The resource type of node that the Event instance applies to eg. ClusterNodeConfig, TransportNode. |
string | Readonly |
| recommended_action | Recommended action for Alarm Recommended action for Alarm. This is the same action as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| reoccurrences_while_suppressed | The number of reoccurrences since this alarm has been SUPPRESSED The number of reoccurrences since this alarm has been SUPPRESSED. |
integer | Readonly |
| resolved_by | User ID of the user that set the status value to RESOLVED User ID of the user that set the status value to RESOLVED. This value can be SYSTEM to indicate that the system resolved the Alarm, for example when the system determines CPU usage is no longer high and the cpu_high Alarm is no longer applicable. This property is only returned when the status value is RESOLVED. |
string | Readonly |
| resolved_time | Time when Alarm was resolved Indicates when the Alarm was resolved in milliseconds since epoch. This property is only returned when the status value is RESOLVED. |
EpochMsTimestamp | Readonly |
| resource_type | Must be set to the value Alarm | string | |
| runtime_data | Runtime data for Alarm Runtime data for Alarm. When an alarming condition occurs, there may be additional data of interest when triaging the underlying issue, for example, output from system commands captured at the time of the error. Note, the contents of this property are not localized. |
string | Readonly |
| severity | Severity of the Alarm Severity of the Alarm.Can be one of - CRITICAL, HIGH, MEDIUM, LOW. |
MonitoringSeverity | Required Readonly |
| status | Status of the Alarm Indicate the status which the Alarm is in. |
MonitoringStatus | Required |
| summary | Summary description of Alarm Summary description of Alarm. This is the same summary description as the corresponding Event identified by feature_name.event_type. |
string | Required Readonly |
| suppress_duration | Duration in hours for which an Alarm is SUPPRESSED The time period between suppress_start_time and suppress_start_time + suppress_duration (specified in hours) an Alarm is SUPPRESSED. This property is only returned when the status value is SUPPRESSED. |
integer | |
| suppress_start_time | Time when Alarm was suppressed Indicates when the Alarm was suppressed in milliseconds since epoch. This property is only returned when the status value is SUPPRESSED. |
EpochMsTimestamp | Readonly |
| suppressed_by | User ID of the user that set the status value to SUPPRESSED User ID of the user that set the status value to SUPPRESSED. This property is only returned when the status value is SUPPRESSED. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AlarmFilterParameter (schema)
Parameters to filter alarms
| Name | Description | Type | Notes |
|---|---|---|---|
| after | Filter to fetch alarms after the specified time Filter to fetch alarms after the specified time. |
EpochMsTimestamp | |
| before | Filter to fetch alarms before the specified time Filter to fetch alarms before the specified time. |
EpochMsTimestamp | |
| cursor | Cursor for pagination Opaque cursor to be used for getting next page of records (supplied by current result page). |
string | |
| event_tag | Event tag Specify tags for which alarms should be filtered, for example, INFRASTRUCTURE or INTELLIGENCE. |
string | |
| event_type | Event Type Filter Specify one or more event types for which alarms should be filtered. |
string | |
| feature_name | Feature Name Specify one or more feature names for which alarms should be filtered. |
string | |
| id | Alarm ID Specify one or more alarm IDs for which alarms should be filtered. |
string | |
| intent_path | Intent Path for entity ID Specify one or more intent paths for which alarms should be filtered. |
string | |
| node_id | Node ID Specify one or more node IDs for which alarms should be filtered. |
string | |
| node_resource_type | Node Resource Type Specify one or more node resource types for which alarms should be filtered. |
string | |
| org | Org ID Specify Org ID for which alarms should be filtered. |
string | |
| page_size | Page Size for pagination Maximum number of results to return in this page (server may return fewer). |
integer | |
| project | Project ID Specify Project ID for which alarms should be filtered. |
string | |
| severity | Severity Specify one or more severity levels for which alarms should be filtered. Must be one of CRITICAL, HIGH, MEDIUM, LOW. |
string | |
| sort_ascending | Represents order of sorting the values If true, the value of the column are sorted in ascending order. Otherwise, in descending order. |
boolean | Default: "True" |
| sort_by | Key for sorting on this column Sorting on column is based on the sort_by. sort_by represents the field in the output data on which sort is requested. |
string | |
| status | Status Specify one or more status for which alarms should be filtered. Must be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED. |
string | |
| vpc | VPC ID Specify VPC ID for which alarms should be filtered. |
string |
AlarmSourceType (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| AlarmSourceType | string | Enum: INTENT_PATH, ENTITY_ID, SYSTEM_ID |
AlarmStatusParameter (schema)
Parameters to update status of alarm
| Name | Description | Type | Notes |
|---|---|---|---|
| new_status | Status Specify new alarm status for the alarm. Can be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED. |
MonitoringStatus | Required |
| suppress_duration | Duration in hours for which Alarm should be suppressed Specify duration in hours for which Alarm should be suppressed.This value must be specified if the new_status is SUPPRESSED. |
integer |
AlarmsListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of alarms known to the system | array of Alarm | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AlbControllerClusterRuntimeError (schema)
Advanced Load Balancer controller cluster runtime error
Advanced Load Balancer controller cluster runtime error.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_code | Advanced Load Balancer cluster runtime error code Advanced Load Balancer cluster runtime error code. |
int | Readonly |
| error_message | Advanced Load Balancer cluster runtime error msg Advanced Load Balancer cluster runtime error msg. |
string | Readonly |
AlbControllerVsphereClusterNodeVmDeploymentConfig (schema)
Deployment config on the vSphere platform
The vSphere deployment configuration determines where to deploy the
Advanced Load Balancer controller node VM through a vCenter server. It contains settings that are
applied during install time.
If using DHCP, the following fields must be left unset -
management_port_subnets, and default_gateway_addresses
| Name | Description | Type | Notes |
|---|---|---|---|
| compute_id | Cluster identifier or resourcepool identifier The Advanced Load Balancer controller node VM will be deployed on the specified cluster or resourcepool for specified VC server. |
string | Required |
| default_gateway_addresses | Default gateway for the VM The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. |
array of IPAddress | Minimum items: 1 Maximum items: 1 |
| disk_provisioning | Disk provitioning type Specifies the disk provisioning type of the VM. |
DiskProvisioning | Default: "THIN" |
| display_name | Advanced Load Balancer controller VM display name Desired display name for Advanced Load Balancer controller VM to be deployed. |
string | |
| dns_servers | DNS servers. List of DNS servers. |
array of IPv4Address | |
| host_id | Host identifier The Advanced Load Balancer controller node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host. |
string | |
| hostname | Host name or FQDN for the VM Desired host name/FQDN for the VM to be deployed. |
string | Required Format: hostname-or-ip |
| management_network_id | Portgroup identifier for management network connectivity Distributed portgroup identifier to which the management vnic of Advanced Load Balancer controller node VM will be connected. |
string | Required |
| management_port_subnets | Port subnets for management port IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. |
array of IPSubnet | Minimum items: 1 Maximum items: 1 |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPv4Address | |
| placement_type | Must be set to the value AlbControllerVsphereClusterNodeVmDeploymentConfig | string | Required Enum: AlbControllerVsphereClusterNodeVmDeploymentConfig |
| storage_id | Storage/datastore identifier The Advanced Load Balancer controller node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host. |
string | Required |
| storage_policy_id | Storage policy uuid The cluster node VM will be deployed with the specified storage policy on the specified datastore in the specified VC server. User must ensure that the storage policy is applicable on the given datastore. |
string | |
| vc_id | vSphere compute identifier for identifying VC server The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server. |
string | Required |
AllClusterGroupStatus (schema)
Status of all the cluster groups
A list of the statuses of all the groups in the cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | UUID of the cluster | string | Readonly |
| groups | Array of groups and their statuses | array of ClusterGroupStatus | Readonly |
| overall_status | Overall status of the cluster | string | Readonly Enum: STABLE, DEGRADED, UNAVAILABLE |
AllIdsEventsRequestQueryParameters (schema)
Query parameters passed to the ids-events API
Represents the query parameters, such as the tenancy context,
that the ids-events API accepts.
| Name | Description | Type | Notes |
|---|---|---|---|
| context | TenancyContextQueryParameter |
AllocatedService (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocation_details | Key-Value map of additional specific properties of services Additional properties of a service, say the sub_pool_size and sub_pool_type for a LoadBalancer. |
array of KeyValuePair | |
| high_availability_status | HA Status of the service context node Represents the active or the standby state of the service. |
string | Readonly Enum: ACTIVE, STANDBY, DOWN, SYNC, UNKNOWN |
| service_reference | Id and Name of the service context configured on edge node. | ResourceReference | Required Readonly |
AllocationAction (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Specifies allocate or release action | string | Required Enum: ALLOCATE, RELEASE |
AllocationBasedOnFailureDomain (schema)
Placement based on failure domain of edge node
Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge
nodes (active and standby) from different failure domains.
| Name | Description | Type | Notes |
|---|---|---|---|
| action_type | Must be set to the value AllocationBasedOnFailureDomain | AllocationRuleActionType | Required |
| enabled | Flag to enable failure domain based allocation Enable placement algorithm to consider failure domain of edge transport nodes and place active and standby contexts in different failure domains. |
boolean | Default: "False" |
AllocationIpAddress (schema)
Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allocation_id | Address that is allocated from pool | IPAddress | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AllocationIpAddress | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AllocationIpAddressListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Pool allocation list results | array of AllocationIpAddress | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AllocationPool (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_service_count | Number of active services on edge node Represents the number of acitve services running on the edge node. |
int | Readonly |
| standby_service_count | Number of standby services on edge node Represents the number of standby services running on the edge node. |
int | Readonly |
| sub_pools | Edge node sub-pool allocation details Allocation details of sub-pools configured on edge node. |
array of SubPool |
AllocationPoolType (schema)
Types of logical router allocation pool based on services
| Name | Description | Type | Notes |
|---|---|---|---|
| AllocationPoolType | Types of logical router allocation pool based on services | string | Enum: LoadBalancerAllocationPool |
AllocationRule (schema)
Allocation rule on edge cluster
Allocation rule on edge cluster which will be considered in auto placement
of TIER1 logical routers, DHCP and MDProxy.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Action for allocation rule Set action for each allocation rule |
AllocationRuleAction (Abstract type: pass one of the following concrete types) AllocationBasedOnFailureDomain |
Required |
AllocationRuleAction (schema)
Set action for allocation rule
Define action for each allocation rule which added on edge cluster.
This is an abstract type. Concrete child types:
AllocationBasedOnFailureDomain
| Name | Description | Type | Notes |
|---|---|---|---|
| action_type | Type of action for allocation rule Set action for each allocation rule on edge cluster which will help in auto placement. |
AllocationRuleActionType | Required |
AllocationRuleActionType (schema)
Type of action for allocation rule
Set action for each allocation rule on edge cluster which will help in auto
placement.
| Name | Description | Type | Notes |
|---|---|---|---|
| AllocationRuleActionType | Type of action for allocation rule Set action for each allocation rule on edge cluster which will help in auto placement. |
string | Enum: AllocationBasedOnFailureDomain |
AnalyticsMaintenanceMode (schema)
NSX+ Analytics Agent Maintenance Mode
Set Analytics agents to maintenance mode during cluster changes.
| Name | Description | Type | Notes |
|---|---|---|---|
| agent_error_message | Error if site cannot be found in Corfu string describing the error |
string | |
| enable | Boolean switch to activate/deactivate the AnalyticsAgent's maintenance mode Activate/deactivate maintenance mode |
boolean | Required |
AntreaAdapterStatus (schema)
Antrea adapter status
| Name | Description | Type | Notes |
|---|---|---|---|
| conditions | Adapter conditions Collection of adapter conditions. |
array of ComponentConditionItem | Readonly |
| status | Antrea adapter status Indicate overall healthy status. |
ComponentStatus | Readonly |
AntreaAgentsInfo (schema)
Antrea agents information
| Name | Description | Type | Notes |
|---|---|---|---|
| degraded_agent_num | The number of degraded agents | int | Readonly |
| failed_agent_num | The number of failed agents | int | Readonly |
| healthy_agent_num | The number of healthy agents | int | Readonly |
AntreaClusterInfo (schema)
Antrea cluster info
Antrea cluster status info.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| agent_info | Antrea agent info | AntreaAgentsInfo | Readonly |
| ccp_adapter_status | Antrea CCP adapter status Including component status and CCP_ADAPTER_ prefix conditions status. |
AntreaAdapterStatus | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| controller_status | Antrea Controller status Including component status, connected agent and CONTROLLER_ prefix conditions status. |
AntreaControllerStatus | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| mp_adapter_status | Antrea MP adapter status Including component status and MP_ADAPTER_ prefix conditions status. |
AntreaAdapterStatus | Readonly |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value AntreaClusterInfo | string | |
| status | Roll-up status of components | ComponentStatus | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaClusterListRequestParameters (schema)
Antrea cluster list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AntreaClusterListResult (schema)
Antrea Cluster list
Paged list of Antrea Cluster list.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Antrea cluster list results | array of AntreaClusterInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaContainerClusterNode (schema)
Antrea container cluster and its nodes requiring a support bundle
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | The UUID of the container cluster | string | Required |
| nodes | List of at most 200 container node UUIDs requiring a support bundle | array of string | Minimum items: 1 |
AntreaControllerStatus (schema)
Antrea Controller status
Antrea Controller status, including component status, connected agent and CONTROLLER_ prefix conditions status.
| Name | Description | Type | Notes |
|---|---|---|---|
| conditions | Controller conditions Collection of controller related conditions. |
array of ComponentConditionItem | Readonly |
| connected_agent_num | The number of connected agents If status is UNKNOWN, this number is meaningless. |
int | Readonly |
| status | Antrea Controller status Indicate overall healthy status. |
ComponentStatus | Readonly |
AntreaHeartbeatConfig (schema)
Antrea heartbeat configuration
Antrea heartbeat configuration for interval time.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| report_interval | Report interval for Antrea heartbeat with NSX in seconds If exceeding 3*report_interval, there is still no heartbeat, cluster status will be UNKNOWN. |
int | Required Minimum: 60 Maximum: 600 Default: "60" |
| resource_type | Must be set to the value AntreaHeartbeatConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaHeartbeatConfigListResult (schema)
Antrea Cluster heartbeat config list
Paged list of Antrea Cluster heartbeat config.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Antrea cluster heartbeat config list List of Antrea cluster heartbeat config. |
array of AntreaHeartbeatConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaSupportBundleContainerNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| clusters | List of AntreaContainerClusterNodes identifying container clusters and their nodes | array of AntreaContainerClusterNode | Minimum items: 1 |
| container_type | Must be set to the value AntreaSupportBundleContainerNode | string | Required Enum: ANTREA |
AntreaTraceflowConfig (schema)
Antrea traceflow configuration
The configuration for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| container_cluster_id | Container cluster ID Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_external_id | Destination external id Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data. |
string | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_transient | Marker to indicate if intent is transient This field indicates if intent is transient and will be cleaned up by the system if set to true. |
boolean | Default: "True" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| packet | Packet configuration Configuration of packet data. |
AntreaTraceflowPacketData | |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value AntreaTraceflowConfig | string | |
| source_external_id | Source external id Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id. |
string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
AntreaTraceflowConfigListResult (schema)
Paged Collection of AntreaTraceflowConfigs
Paged Collection for AntreaTraceflowConfigs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AntreaTraceflowConfig list results | array of AntreaTraceflowConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaTraceflowIcmpEchoRequestHeader (schema)
IcmpEchoHeader for Antrea traceflow
IcmpEchoRequest header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| id | IcmpEchoRequest id Id of IcmpEchoRequest. |
integer | |
| sequence | Icmp sequence Sequence number of IcmpEchoRequest. |
integer |
AntreaTraceflowIpHeader (schema)
IpHeader for Antrea traceflow
Ip header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstIp | Destination ip Destination ip address in IpHeader. |
string | |
| flags | Flags Protocol setting in IpHeader. |
integer | |
| protocol | Protocol Protocol setting in IpHeader. |
integer | |
| srcIp | Source ip Source ip address in IpHeader. |
string | |
| ttl | Time to live TTL value in IpHeader. Default is 64. |
integer |
AntreaTraceflowIpv6Header (schema)
Ipv6Header for Antrea traceflow
Ipv6 header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstIp | Destination ip Destination ip address in Ipv6Header. |
string | |
| hopLimit | Hop limit Hop limit setting in Ipv6Header. |
integer | |
| nextHeader | Next header Next header setting in Ipv6Header. |
integer | |
| srcIp | Source ip Source ip address in Ipv6Header. |
string |
AntreaTraceflowObservation (schema)
Observation for Antrea traceflow
Observation result for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | The component type The type of component. |
string | Readonly Enum: UNKNOWN, ANTREA_SPOOFGUARD, ANTREA_LB, ANTREA_ROUTING, ANTREA_DFW, ANTREA_FORWARDING |
| container_node_id | Container node UID UID of the container node that observed a traceflow packet. |
string | Readonly |
| observation_type | The observation type The type of observation. AntreaTraceflowObservationDelivered: The packet was delivered to destination Pod properly AntreaTraceflowObservationReceived: The packet was received from another ContainerNode AntreaTraceflowObservationForwarded: The packet was forwarded to next logical node or ContainerNode AntreaTraceflowObservationDropped: The packet was dropped |
string | Required Enum: AntreaTraceflowObservationDelivered, AntreaTraceflowObservationReceived, AntreaTraceflowObservationForwarded, AntreaTraceflowObservationDropped |
| timestamp | Timestamp Timestamp when the observation was collect by Antrea controller. |
integer | Readonly |
AntreaTraceflowObservationListResult (schema)
List object for AnteaTraceflowObservation
List collection for AnteaTraceflowObservation, used in batch API.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | AntreaTraceflowObservation list results | array of AntreaTraceflowObservation | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AntreaTraceflowPacketData (schema)
Packet data for Antrea traceflow
Packet data stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| frameSize | Packet frame size This property is used to set packet data size. |
integer | |
| ipHeader | Ipv4 header configuration This property is used to set ipv4 header data. |
AntreaTraceflowIpHeader | |
| ipv6Header | Ipv6 header configuration This property is used to set ipv6 header data. |
AntreaTraceflowIpv6Header | |
| payload | Packet payload This property is used to set payload data. |
string | |
| resourceType | Packet resource type This property is used to set resource type. |
string | Enum: FIELDS_PACKET_DATA, BINARY_PACKET_DATA |
| transportHeader | Transport header configuration This property is used to set transport header data. |
AntreaTraceflowTransportHeader | |
| transportType | Transport type This property is used to set transport type. |
string | Enum: UNICAST, MULTICAST, BROADCAST, UNKNOWN |
AntreaTraceflowStatus (schema)
Status for Antrea traceflow
The status value of one Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| phase | Phase The execution phase of one traceflow. |
string | Enum: SUCCEEDED, FAILED |
| reason | Reason The reason for the failure. |
string |
AntreaTraceflowTcpHeader (schema)
TcpHeader for Antrea traceflow
Tcp header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstPort | Destination port Destination port number in TcpHeader. |
integer | |
| srcPort | Source port Source port number in TcpHeader. |
integer | |
| tcpFlags | Tcp flags Tcp flags in TcpHeader. SYN flag must be set for traceflow. |
integer |
AntreaTraceflowTransportHeader (schema)
TransportHeader for Antrea traceflow
Transport header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| icmpEchoRequestHeader | IcmpEchoRequestHeader for Antrea traceflow IcmpEchoRequest header stuffs for Antrea traceflow. |
AntreaTraceflowIcmpEchoRequestHeader | |
| tcpHeader | TcpHeader for Antrea traceflow Tcp header stuffs for Antrea traceflow. |
AntreaTraceflowTcpHeader | |
| udpHeader | UdpHeader for Antrea traceflow Udp header stuffs for Antrea traceflow. |
AntreaTraceflowUdpHeader |
AntreaTraceflowUdpHeader (schema)
UdpHeader for Antrea traceflow
Udp header stuffs for Antrea traceflow.
| Name | Description | Type | Notes |
|---|---|---|---|
| dstPort | Destination port Destination port number in UdpHeader. |
integer | |
| srcPort | Source port Source port number in UdpHeader. |
integer |
AphInfo (schema)
Apliance proxy hub information
APH information.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | IP address of APH service | string | Required |
| certificate | PEM Certificate of APH service | string | Required |
| fqdn | FQDN, only returned by GET /sites and GET /sites/self | string | |
| node_id | Node ID of the APH service | string | Required |
| port | Port of APH service | integer | Required |
| use_fqdn | whether or not fqdn flag is on | boolean | |
| uuid | ID of the APH service | string | Required |
ApiError (schema)
Detailed information about an API Error
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Further details about the error | string | |
| error_code | A numeric error code | integer | |
| error_data | Additional data about the error | object | |
| error_message | A description of the error | string | |
| module_name | The module name where the error occurred | string | |
| related_errors | Other errors related to this error | array of RelatedApiError |
ApiRequestBody (schema)
API Request Body
API Request Body is an Event Source that represents an API request body that
is being reveived as part of an API. Supported Request Bodies are those received
as part of a PATCH/PUT/POST request.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_pointer | Resource Pointer Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default" as a source means that ANY resource starting with Lb or ANY resource with "/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source of the event in question. |
string | Required |
| resource_type | Must be set to the value ApiRequestBody | string | Required Enum: ResourceOperation, ApiRequestBody |
ApiServiceConfig (schema)
Configuration of the API service
Properties that affect the configuration of the NSX API service.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| basic_authentication_enabled | Enable or disable basic authentication Identifies whether basic authentication is enabled or disabled in API calls. |
boolean | Default: "True" |
| cipher_suites | Cipher suites used to secure contents of connection The TLS cipher suites that the API service will negotiate. |
array of CipherSuite | Minimum items: 1 |
| client_api_concurrency_limit | Client API concurrency limit in calls A per-client concurrency limit. This is the maximum number of outstanding requests that a client can have. For example, a client can open multiple connections to NSX and submit operations on each connection. When this limit is exceeded, the server returns a 503 Service Unavailable error to the client. To disable API concurrency limiting, set this value to 0. |
integer | Minimum: 0 Default: "40" |
| client_api_rate_limit | Client API rate limit in calls per second The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0. |
integer | Minimum: 0 Default: "100" |
| connection_timeout | NSX connection timeout NSX connection timeout, in seconds. To disable timeout, set to 0. |
integer | Minimum: 0 Maximum: 2147483647 Default: "30" |
| cookie_based_authentication_enabled | Enable or disable cookie-based authentication Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create. |
boolean | Default: "True" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| global_api_concurrency_limit | Global API concurrency limit in calls The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0. |
integer | Minimum: 0 Default: "199" |
| id | Unique identifier of this resource | string | Sortable |
| lockout_immune_addresses | IP addresses which are not subject to lockout on failed login attempts The list of IP addresses which are not subjected to a lockout on failed login attempts. |
array of IPAddress | |
| protocol_versions | TLS protocol versions The TLS protocol versions that the API service will negotiate. |
array of ProtocolVersion | Minimum items: 1 |
| redirect_host | Hostname/IP to use in redirect headers Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (""). |
HostnameOrIPv4AddressOrEmptyString | Default: "" |
| resource_type | Must be set to the value ApiServiceConfig | string | |
| session_timeout | NSX session inactivity timeout | integer | Minimum: 0 Maximum: 2147483647 Default: "1800" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ApplianceLatencyData (schema)
Display the latency data by given appliance node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| id | Appliance id Display the Appliance id. |
string | |
| latency_data | Latency Data List Latency Data list. |
array of ApplianceLatencyDataItem | |
| name | Appliance name Display the appliance name. |
string | |
| timestamp | Timestamp of last modification Timestamp of last modification. |
EpochMsTimestamp |
ApplianceLatencyDataItem (schema)
Appliance Latency data
Describes appliance latency data in detail.
| Name | Description | Type | Notes |
|---|---|---|---|
| destination_node_id | Node id Display the appliance node id. |
string | |
| destination_node_ip | Node name Display the appliance node ip. |
string | |
| destination_node_name | Node name Display the appliance node name. |
string | |
| packet_loss_percent | Display the percentage of lost packet Display the percentage of lost packet. |
string | |
| packet_received | Display the received packets Display the received packets. |
integer | |
| packet_transmitted | Display the transmitted packets Display the transmitted packets in Ping |
integer | |
| rtt_avg | Display the average rtt of latency value Display the average Round Trip Time in milliseconds. |
number | |
| rtt_max | Display the max rtt of latency value Display the max Round Trip Time in milliseconds. |
number | |
| rtt_mdev | Display the mean rtt of latency value Display the mean Round Trip Time in milliseconds. |
number | |
| rtt_min | Display the min rtt of latency value Display the min Round Trip Time in milliseconds. |
number | |
| source_node_ip | Node name Display the appliance node ip. |
string | |
| status | Display the connection status Display the connection status between source node and destination node. |
string | Enum: UP, DOWN |
| total_time | Display the total time in milliseconds Display the total time of sending and receiving packets in milliseconds. |
integer |
ApplianceLatencyListResult (schema)
List of process data
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Total appliance latency count | integer | Required |
| results | Appliance Process List Display the appliance latency data list. |
array of ApplianceLatencyData | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplianceManagementSuppressRedirectQueryParameter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| suppress_redirect | Suppress redirect status if applicable Do not return a redirect HTTP status. |
boolean | Default: "False" |
ApplianceManagementTaskListResult (schema)
Appliance management task query results
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Task property results | array of ApplianceManagementTaskProperties | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplianceManagementTaskProperties (schema)
Appliance management task properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| async_response_available | True if response for asynchronous request is available | boolean | Readonly |
| cancelable | True if this task can be canceled | boolean | Readonly |
| description | Description of the task | string | Readonly |
| details | Details about the task if known | object | Readonly |
| end_time | The end time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| id | Identifier for this task | string | Readonly Pattern: "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$" |
| message | A message describing the disposition of the task | string | Readonly |
| progress | Task progress if known, from 0 to 100 | integer | Readonly Minimum: 0 Maximum: 100 |
| request_is_async | True if request was invoked with Vmw-Async:true header; otherwise, false | boolean | Readonly |
| request_method | HTTP request method | string | Readonly |
| request_uri | URI of the method invocation that spawned this task | string | Readonly |
| start_time | The start time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| status | Current status of the task | ApplianceManagementTaskStatus | Readonly |
| user | Name of the user who created this task | string | Readonly |
ApplianceManagementTaskQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| request_method | Request method(s) to include in query result Comma-separated request methods to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| request_path | Request URI path(s) to include in query result Comma-separated request paths to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| request_uri | Request URI(s) to include in query result Comma-separated request URIs to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| status | Status(es) to include in query result Comma-separated status values to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
| user | Names of users to include in query result Comma-separated user names to include in query result |
string | Pattern: "^(=|!=|~|!~)?.+$" |
ApplianceManagementTaskStatus (schema)
Current status of the appliance management task
| Name | Description | Type | Notes |
|---|---|---|---|
| ApplianceManagementTaskStatus | Current status of the appliance management task | string | Enum: running, error, success, canceling, canceled, killed |
ApplianceProcessData (schema)
List of process data in given appliance node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| id | Appliance id Display the Appliance id. |
string | |
| name | Appliance name Display the appliance name. |
string | |
| timestamp | Timestamp of last modification Timestamp of last modification. |
EpochMsTimestamp | |
| top_process_by_cpu_count | Process count Display the total count of process. |
integer | |
| top_process_by_cpu_list | Top process list by CPU Display the top process list by CPU. |
array of ProcessInformation | |
| top_process_by_mem_count | Process count Display the total count of process. |
integer | |
| top_process_by_mem_list | Top process list by memory Display the top process list by memory. |
array of ProcessInformation |
ApplianceProcessListResult (schema)
List of process data
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Appliance Process List Display the appliance process list. |
array of ApplianceProcessData | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ApplicationConnectivityStrategy (schema)
Application specific connectivity strategy
Allows more granular policies for application workloads
| Name | Description | Type | Notes |
|---|---|---|---|
| application_connectivity_strategy | Application connectivity strategy App connectivity strategies |
string | Required Enum: ALLOW_INTRA, ALLOW_EGRESS, ALLOW_INGRESS, DROP_INGRESS, DROP_EGRESS |
| default_application_rule_id | Default rule ID associated with the application_connectivity_strategy Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule. |
integer | Readonly |
| logging_enabled | Enable logging flag Flag to enable packet logging. Default is deactivated. |
boolean | Default: "False" |
ApplicationProfileType (schema)
application profile type
An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LbFastTCPProfile,
LbFastUDPProfile and LbHttpProfile.
LbFastTCPProfile or LbFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LbHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LbHttpProfile is intended to
simplify enabling certain common use cases.
LbHttpProfile is deprecated as NSX-T Load Balancer is deprecated.
| Name | Description | Type | Notes |
|---|---|---|---|
| ApplicationProfileType | application profile type An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile. LbFastTCPProfile or LbFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LbHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LbHttpProfile is intended to simplify enabling certain common use cases. LbHttpProfile is deprecated as NSX-T Load Balancer is deprecated. |
string | Enum: LbHttpProfile, LbFastTcpProfile, LbFastUdpProfile |
AppliedTos (schema)
Entities Applied to Profile
Entity lists where the profile will be enabled on.
| Name | Description | Type | Notes |
|---|---|---|---|
| logical_ports | Logical Port List | array of ResourceReference | |
| logical_switches | Logical Switch List | array of ResourceReference | |
| nsgroups | NSGroup List | array of ResourceReference |
ApplyCertificateParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| node_id | Node Id Optional node-id to which to apply the certificate. The cluster_certificate field of the matching Certificate Profile must be false, as those get applied to all nodes. |
string | Maximum length: 255 |
| service_type | Service Type Service Type of the CertificateProfile to apply the certificate to. |
ServiceType | Required |
ArpHeader (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dst_ip | The destination IP address | IPv4Address | Required |
| op_code | Arp message type This field specifies the nature of the Arp message being sent. |
string | Required Enum: ARP_REQUEST, ARP_REPLY Default: "ARP_REQUEST" |
| src_ip | The source IP address This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0. |
IPv4Address |
ArpSnoopingConfig (schema)
ARP Snooping Configuration
Contains ARP snooping related configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| arp_binding_limit | Maximum number of ARP bindings Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. |
int | Minimum: 1 Maximum: 256 Default: "1" |
| arp_snooping_enabled | Is ARP snooping enabled or not Indicates whether ARP snooping is enabled |
boolean | Default: "True" |
ArpTableRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_path | Policy path of edge node Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface. |
string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| host_transport_node_path | Policy path of host transport node Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AssessmentMessage (schema)
Assessment message
Assessment message.
| Name | Description | Type | Notes |
|---|---|---|---|
| color | The message color that shows the message's severity or priority The message color that shows the message's severity or priority. |
ColorCode | Readonly Default: "YELLOW" |
| message | A string message A string message. |
string | Readonly |
| resource_id | Assessment resource ID Assessment resource ID. |
string | Required Readonly |
| resource_name | Assessment resource name Assessment resource name. |
string | Readonly |
| resource_type | Assessment resource type Assessment resource type. |
AssessmentResourceType | Required Readonly |
AssessmentMessageListRequestParameters (schema)
Assessment message list request parameters
Assessment message list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| message_severity | Assessment message severity Assessment message severity. |
ColorCode | |
| resource_id | Assessment resource ID Assessment resource ID. |
string | |
| resource_name | Assessment resource name Assessment resource name. |
string | |
| resource_type | Assessment resource type Assessment resource type. |
AssessmentResourceType |
AssessmentMessageListResult (schema)
List of assessment messages
List of assessment messages.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged collection of assessment messages Paged collection of assessment messages. |
array of AssessmentMessage | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
| total_number_of_errors | Number of errors Number of errors. |
int | Readonly |
| total_number_of_warnings | Number of warnings Number of warnings. |
int | Readonly |
AssessmentResourceType (schema)
Assessment resource type
Assessment resource type.
| Name | Description | Type | Notes |
|---|---|---|---|
| AssessmentResourceType | Assessment resource type Assessment resource type. |
string | Enum: VC, DVPG, VDS |
AssessmentUnit (schema)
Assessment unit
Detailed assessment information about a resource
| Name | Description | Type | Notes |
|---|---|---|---|
| number_of_errors | Number of errors Number of errors. |
int | Readonly |
| number_of_warnings | Number of warnings Number of warnings. |
int | Readonly |
| resource_id | Assessment resource ID Assessment resource ID. |
string | Required Readonly |
| resource_name | Assessment resource name Assessment resource name. |
string | Readonly |
| resource_type | Assessment resource type Assessment resource type. |
AssessmentResourceType | Required Readonly |
| result | Assessment result for the resource Assessment result for the resource. |
ColorCode | Readonly |
AssessmentUnitListRequestParameters (schema)
Assessment unit list request parameters
Assessment unit list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| assessment_result | Assessment result for the resource Assessment result for the resource. |
ColorCode | |
| resource_id | Assessment resource ID Assessment resource ID. |
string | |
| resource_name | Assessment resource name Assessment resource name. |
string | |
| resource_type | Assessment resource type Assessment resource type. |
AssessmentResourceType |
AssessmentUnitListResult (schema)
Assessment unit list
Detailed assessment information about multiple resources
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged collection of assessment units Paged collection of assessment units. |
array of AssessmentUnit | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AssignedByAutoConf (schema)
Auto-conf based IPv6 assignment.
This type can be specified in ipv6 assignment spec of host switch if auto-conf based IPv6 assignment is desired for host switch virtual tunnel endpoints.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value AssignedByAutoConf | string | Required Enum: StaticIpv6PoolSpec, StaticIpv6ListSpec, AssignedByDhcpv6, StaticIpv6MacListSpec, AssignedByAutoConf, NoIpv6 |
AssignedByDhcp (schema) (Deprecated)
DHCP based IP assignment.
This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value AssignedByDhcp | string | Required Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec, NoIpv4 |
AssignedByDhcpv6 (schema)
DHCP based IPv6 assignment.
This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value AssignedByDhcpv6 | string | Required Enum: StaticIpv6PoolSpec, StaticIpv6ListSpec, AssignedByDhcpv6, StaticIpv6MacListSpec, AssignedByAutoConf, NoIpv6 |
AssociatedKubernetesClusterListRequestParameters (schema)
Associated kubernetes clusters list request params
List request params for the api that get associated clusters of a given group.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AssociationListRequestParameters (schema)
Association list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| associated_resource_type | Type of the associated resources | AssociationTargetType | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| fetch_ancestors | Fetch complete list of associated resources considering
containment and nesting
If set to true, will fetch direct as well as indirect(considering containment as well as nesting) associated objects for the given source Id. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_id | The resource for which associated resources are to be fetched | string | Required |
| resource_type | Type of the resource for which associated resources are to be fetched | AssociationSourceType | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
AssociationListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of ResourceReference | array of ResourceReference | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AssociationSourceType (schema)
Resource type valid for use as source in association API
| Name | Description | Type | Notes |
|---|---|---|---|
| AssociationSourceType | Resource type valid for use as source in association API | string | Enum: NSGroup, IPSet, MACSet, LogicalSwitch, LogicalPort, VirtualMachine, DirectoryGroup, VirtualNetworkInterface, TransportNode, IPAddress, CloudNativeServiceInstance, PhysicalServer |
AssociationTargetType (schema)
Resource type valid for use as target in association API
| Name | Description | Type | Notes |
|---|---|---|---|
| AssociationTargetType | Resource type valid for use as target in association API | string | Enum: NSGroup |
AttachedInterface (schema) (Deprecated)
Attached interface specification for Bare metal server
The Attached interface is only effective for the port on Bare metal server.
| Name | Description | Type | Notes |
|---|---|---|---|
| app_intf_name | The name of application interface | string | Required |
| default_gateway | Gateway IP | IPAddress | |
| migrate_intf | Interface name to migrate IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP. |
string | |
| routing_table | Routing rules | array of string |
AttachedInterfaceEntry (schema)
Attached interface information for Bare metal server
The Attached interface is only effective for the segment port on Bare metal server.
| Name | Description | Type | Notes |
|---|---|---|---|
| app_intf_name | The name of application interface | string | Required |
| default_gateway | Gateway IP | IPAddress | |
| migrate_intf | Interface name to migrate IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP. |
string | |
| routing_table | Routing rules | array of string |
AttachmentContext (schema) (Deprecated)
This is an abstract type. Concrete child types:
L2VpnAttachmentContext
VifAttachmentContext
| Name | Description | Type | Notes |
|---|---|---|---|
| allocate_addresses | A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch. | string | Enum: IpPool, MacPool, Both, None, Dhcp, DhcpV6, SLAAC |
| resource_type | Used to identify which concrete class it is | string | Required |
AttachmentType (schema) (Deprecated)
Type of attachment for logical port.
| Name | Description | Type | Notes |
|---|---|---|---|
| AttachmentType | Type of attachment for logical port. | string | Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, L2FORWARDER |
AttachmentTypeQueryString (schema) (Deprecated)
Type of attachment for logical port; for query only.
| Name | Description | Type | Notes |
|---|---|---|---|
| AttachmentTypeQueryString | Type of attachment for logical port; for query only. | string | Deprecated Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, NONE |
Attribute (schema)
Attributes
Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.
| Name | Description | Type | Notes |
|---|---|---|---|
| attribute_type | Attributetype. Attribute Type can be of any of the allowed enum type. |
string | Enum: IP_ADDRESS, PORT, PASSWORD, STRING, LONG, BOOLEAN |
| display_name | Display name Attribute display name string value. |
string | |
| key | key Attribute key string value. |
string | Required |
| read_only | read only Read only Attribute cannot be overdidden by service instance/deployment. |
boolean | Default: "False" |
| value | value Attribute value string value. |
string |
AttributeVal (schema)
Attribute values of realized type
Contains type specific properties of generic realized entity
| Name | Description | Type | Notes |
|---|---|---|---|
| data_type | Datatype of property represented by this attribute Datatype of the property |
string | Required Readonly Enum: STRING, DATE, INTEGER, BOOLEAN |
| key | Key for the attribute value Attribute key |
string | |
| multivalue | multivalue flag If attribute has a single value or collection of values |
boolean | Readonly |
| values | List of values for the attribute List of attribute values |
array of string | Readonly |
AuditLog (schema)
Audit log in RFC5424 format
| Name | Description | Type | Notes |
|---|---|---|---|
| appname | Application name field of the log | string | Required |
| facility | Facility field of the log | integer | Required |
| full_log | Full log with both header and message | string | Required |
| hostname | Hostname field of the log | string | Required |
| message | Message field of the log | string | Required |
| msgid | Message ID field of the log | string | Required |
| priority | Priority field of the log | integer | Required |
| procid | Process ID field of the log | integer | Required |
| struct_data | Structured data field of the log | StructuredData | Required |
| timestamp | Date and time in UTC of the log | string | Required |
AuditLogListResult (schema)
Audit log collection results
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| last_full_sync_timestamp | Timestamp of the last full audit log collection | string | Required |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Audit log results | array of AuditLog | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AuditLogQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) A log cursor points to a specific line number in the master audit log |
integer | |
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) The page size determines the number of logs to be returned |
integer | Minimum: 0 Maximum: 100 Default: "100" |
AuditLogRequest (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| log_age_limit | Include logs with timstamps not past the age limit in days | integer | Minimum: 0 |
| log_filter | Audit logs should meet the filter condition | string | |
| log_filter_type | Type of log filter | string | Enum: TEXT, REGEX Default: "TEXT" |
AuthServiceProperties (schema)
Auth Service properties
| Name | Description | Type | Notes |
|---|---|---|---|
| logging_level | Service logging level | string | Enum: OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE Default: "INFO" |
AuthenticationPolicyProperties (schema)
Configuration of authentication and password policies for the NSX node
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _retry_prompt | Prompt user at most N times before returning with error. | integer | Readonly Default: "3" |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| api_failed_auth_lockout_period | Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Maximum: 9000 Default: "900" |
| api_failed_auth_reset_period | Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Maximum: 9000 Default: "900" |
| api_max_auth_failures | Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types. |
integer | Minimum: 0 Maximum: 50 Default: "5" |
| cli_failed_auth_lockout_period | Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified. |
integer | Minimum: 0 Maximum: 604800 Default: "900" |
| cli_max_auth_failures | Number of authentication failures that trigger CLI lockout | integer | Minimum: 0 Maximum: 10 Default: "5" |
| digits | Number of digits in password Number of digits (0..9) expected in user password. N < 0, to set minimum credit for having digits in the new password, i.e.
N > 0, to set maximum credit for having digits in the new password, i.e.
N = 0, policy will be not applicable. By default minimum 1 digit is required for a new password. |
integer | Minimum: -128 Maximum: 128 Default: "-1" |
| hash_algorithm | Hash algorithm Sets hash/cryptographic algorithm type for new passwords. |
string | Enum: sha512, sha256 Default: "sha512" |
| lower_chars | Number of lower-case characters in password Number of lower case characters (a..z) expected in user password. N < 0, to set minimum credit for having lower case characters in the new password, i.e.
N > 0, to set maximum credit for having lower case characters in the new password, i.e.
N = 0, policy will be not applicable. By default minimum 1 lower case character is required for a new password. |
integer | Minimum: -128 Maximum: 128 Default: "-1" |
| max_repeats | Number of same consecutive characters Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0. |
integer | Minimum: 0 Maximum: 128 Default: "0" |
| max_sequence | Length of permissible monotonic sequence in password substring Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0. |
integer | Minimum: 0 Maximum: 128 Default: "0" |
| maximum_password_length | Maximum password length Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters. |
integer | Minimum: 8 Maximum: 128 Default: "128" |
| minimum_password_length | Minimum password length Minimum number of characters expected in password; user can not set their password of length less than this parameter. NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - if existing appliance is configured with VMware recommends to set strong passwords for systems and appliances, further
If any existing user passwords are set with length of less than newly configured
If existing By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed. |
integer | Minimum: 8 Maximum: 128 Default: "12" |
| minimum_unique_chars | Number of unique characters from old password Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0. |
integer | Minimum: 0 Maximum: 128 Default: "0" |
| password_remembrance | Password remembrance from previous generations Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0. |
integer | Minimum: 0 Default: "0" |
| special_chars | Number of special characters in password Number of special characters (!@#$&*..) expected in user password. N < 0, to set minimum credit for having special characters in the new password, i.e.
N > 0, to set maximum credit for having special characters in the new password, i.e.
N = 0, policy will be not applicable. By default minimum 1 special character is required for a new password. |
integer | Minimum: -128 Maximum: 128 Default: "-1" |
| upper_chars | Number of upper-case characters in password Number of upper case characters (A..Z) expected in user password. N < 0, to set minimum credit for having upper case characters in the new password, i.e.
N > 0, to set maximum credit for having upper case characters in the new password, i.e.
N = 0, policy will be not applicable. By default minimum 1 upper case character is required for a new password. |
integer | Minimum: -128 Maximum: 128 Default: "-1" |
AuthenticationScheme (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| scheme_name | Authentication scheme name | string | Required |
AutoRds (schema)
Auto assigned Route Distinguishers
This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations.
| Name | Description | Type | Notes |
|---|---|---|---|
| l2_auto_rds | List of layer 2 Auto assigned Route Distinguisher | array of L2AutoRD | |
| l3_auto_rd | Layer 3 Auto assigned Route Distinguisher This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway. |
string |
AutomaticHealthCheck (schema)
Automatic Health Check
Health check performed by system automatically on a specific transport zone.
For overlay based zone, health check is performed on corresponding N-VDS of
each transport node with the VLAN and MTU specified by uplink profile of
N-VDS for the node.
For VLAN based zone, health check is performed on corresponding N-VDS of each
transport node with MTU specified by uplink profile of N-VDS for the node
and VLAN specified by all logical switches in this zone.
| Name | Description | Type | Notes |
|---|---|---|---|
| result | HealthCheckResult | Readonly | |
| transport_zone_id | Transport Zone ID ID of the transport zone where this automatic health check is performed. |
string | Readonly |
AutomaticHealthCheckListResult (schema)
List of Automatic Health Checks
Automatic health check list result for query with list parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Automatic Health Check List | array of AutomaticHealthCheck | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
AutomaticHealthCheckToggle (schema)
Automatic Health Check Toggle
Toggle to enable/disable automatic health check.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Status of automatic health check | boolean | Required Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value AutomaticHealthCheckToggle | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
AviConnectionInfo (schema)
Avi Connection Info
Credential info to connect to a AVI type of enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | Certificate used when on-borading workflow created by LCM/VCF. Certificate used when on-borading workflow created by LCM/VCF. |
string | |
| cloud | Cloud Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity. |
string | Deprecated |
| enforcement_point_address | Enforcement Point Address Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be "10.192.1.1" - On an NSX-T MP running on custom port, the value could be "192.168.1.1:32789" - On an NSX-T MP in VMC deployments, the value could be "192.168.1.1:5480/nsxapi" |
string | Required |
| expires_at | Expiry time of the token Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. |
string | |
| is_default_cert | Advanced Load Balancer controller using default portal certificate. Advanced Load Balancer controller using default portal certificate. |
boolean | |
| managed_by | Managed by used when on-borading workflow created by LCM/VCF. Managed by used when on-borading workflow created by LCM/VCF. |
string | |
| password | Password or Token for Avi Controller Password or Token for Avi Controller. |
secure_string | Required |
| resource_type | Must be set to the value AviConnectionInfo | string | Required Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo, AviConnectionInfo |
| status | Enforcement point state for ALB This is connection property which checks whether ALB is connected to the controller. Enum options - ACTIVATE, DEACTIVATE_PROVIDER, DEACTIVATE_API. Default value is DEACTIVATE_API. |
ALBEnforcementPointState | Required Default: "DEACTIVATE_API" |
| tenant | Tenant A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant |
string | Required |
| thumbprint | Thumbprint of Enforcement Point Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. |
string | |
| username | Username Username. |
secure_string | Required |
| version | Version Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs |
string | Deprecated |
AviEndPoint (schema)
AVI LB endpoint details
Details about the AVI LB endpoint
| Name | Description | Type | Notes |
|---|---|---|---|
| avi_endpoint_ip | IP address of the AVI LB endpoint IP address of the AVI LB endpoint. |
string | Required Format: hostname-or-ip |
| avi_endpoint_password | Password for AVI LB endpoint Password for AVI LB endpoint. |
secure_string | Required |
| avi_endpoint_port | AVI LB endpoint port AVI LB endpoint port. |
int | Default: "443" |
| avi_endpoint_username | Username for AVI LB endpoint Username for AVI LB endpoint. |
string | Required |
Axes (schema)
Axes of a graph
Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.
| Name | Description | Type | Notes |
|---|---|---|---|
| x_label | Label for X axis of a graph | Label | |
| x_labels | A list of X-Axis Labels with condition support. A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used. |
array of Label | Minimum items: 0 |
| y_axis_unit_labels | A list of Y-Axis unit Labels with condition support. A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc. |
array of Label | Minimum items: 0 |
| y_axis_units | A list of Y-Axis unit with condition support. A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc. |
array of AxisUnit | Minimum items: 0 |
| y_label | Label for Y axis of a graph | Label | |
| y_labels | A list of Y-Axis Labels with condition support. A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used. |
array of Label | Minimum items: 0 |
AxisUnit (schema)
Axis unit of a graph
Represents X and Y axis unit of a graph.
| Name | Description | Type | Notes |
|---|---|---|---|
| condition | Expression for evaluating condition If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally. |
string | Maximum length: 1024 |
| unit | An Axis unit. An Axis unit. |
string | Enum: COUNT, PERCENT, BYTES, MILLISECONDS, SECONDS, MINUTE, HOUR, DAY, KILO_BYTES, MEGA_BYTES, GIGA_BYTES |
BFDDiagnosticCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| administratively_down_count | Number of tunnels with administratively message Number of tunnels with administratively down diagnostic message |
integer | |
| concatenated_path_down_count | Number of tunnels with concatenated message Number of tunnels with concatenated path down diagnostic message |
integer | |
| control_detection_time_expired_count | Number of tunnels with expired message Number of tunnels with control detection time expired diagnostic message |
integer | |
| echo_function_failed_count | Number of tunnels with failed message Number of tunnels with echo function failed diagnostic message |
integer | |
| forwarding_plane_reset_count | Number of tunnels with reset message Number of tunnels with forwarding plane reset diagnostic message |
integer | |
| neighbor_signaled_session_down_count | Number of tunnels neighbor signaled session down | integer | |
| no_diagnostic_count | Number of tunnels with no diagnostic | integer | |
| path_down_count | Number of tunnels with path down message Number of tunnels with path down diagnostic message |
integer | |
| reverse_concatenated_path_down_count | Number of tunnels with reverse message Number of tunnels with reverse concatenated path down diagnostic message |
integer |
BFDProperties (schema)
BFD information
| Name | Description | Type | Notes |
|---|---|---|---|
| active | True if tunnel is active in a gateway HA setup | boolean | Readonly |
| bfd_encap | BFD encapsulation type The encapsulation type of BFD. GENEVE - BFD with GENEVE encapsulation NONE - BFD with no encapsulation UNKNOWN_ENCAP - BFD with unknown encapsulation |
string | Enum: GENEVE, NONE, UNKNOWN_ENCAP |
| diagnostic | Diagnostic message of a problem A short message indicating what the BFD session thinks is wrong in case of a problem |
string | Readonly |
| forwarding | True if the BFD session believes this interface may be used to forward traffic | boolean | Readonly |
| remote_diagnostic | Diagnostic message of a problem A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem |
string | Readonly |
| remote_state | State of the remote interface's BFD session | string | Readonly Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP |
| state | State of the BFD session | string | Readonly Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP |
BFDStatusCount (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| bfd_admin_down_count | Number of tunnels in BFD admin down state | int | |
| bfd_down_count | Number of tunnels in BFD down state | int | |
| bfd_init_count | Number of tunnels in BFD init state | int | |
| bfd_up_count | Number of tunnels in BFD up state | int |
BGPCommunityList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| communities | BGP community list Array of BGP communities |
array of string | Required |
| community_type | BGP community type BGP community type. It has two types as NormalBGPCommunity BGP normal community which includes well-known community name as well as community value in range from [1-4294967295] or value in aa:nn format(aa/nn range from 1-65535). LargeBGPCommunity BGP large community which includes community value in aa:bb:nn format where aa, bb, nn are unsigned integers in the range [1-4294967295]. |
string | Enum: NormalBGPCommunity, LargeBGPCommunity Default: "NormalBGPCommunity" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| resource_type | Must be set to the value BGPCommunityList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BGPCommunityListListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of bgp communities Paginated list of bgp community lists |
array of BGPCommunityList | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BMSGroupAssociationRequestParams (schema)
List request parameters containing Physical server external ID and enforcement point path
List request parameters containing Physical server external ID and enforcement point path
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| physical_server_external_id | Physical external ID | string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BackupConfiguration (schema)
Configuration for taking manual/automated backup
| Name | Description | Type | Notes |
|---|---|---|---|
| after_inventory_update_interval | A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups. | integer | Minimum: 300 Maximum: 86400 |
| backup_enabled | true if automated backup is enabled | boolean | Default: "False" |
| backup_schedule | Set when backups should be taken - on a weekly schedule or at regular intervals. | BackupSchedule (Abstract type: pass one of the following concrete types) IntervalBackupSchedule WeeklyBackupSchedule |
|
| inventory_summary_interval | The minimum number of seconds between each upload of the inventory summary to backup server. | integer | Minimum: 30 Maximum: 3600 Default: "240" |
| passphrase | Passphrase used to encrypt backup files. Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character). |
secure_string | |
| remote_file_server | The server to which backups will be sent. | RemoteFileServer |
BackupFrameRequestParameters (schema)
Backup Frame Request Parameters
Parameters (site_id, etc), that describes a backup/restore frame
| Name | Description | Type | Notes |
|---|---|---|---|
| frame_type | Frame type This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site. |
string | Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE Default: "LOCAL_LOCAL_MANAGER" |
| site_id | Site ID Site ID of LM site, which will be supported in a frame |
string | Default: "localhost" |
BackupOperationHistory (schema)
Past backup operation details
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_backup_statuses | Statuses of previous cluster backups | array of BackupOperationStatus | |
| inventory_backup_statuses | Statuses of previous inventory backups | array of BackupOperationStatus | |
| node_backup_statuses | Statuses of previous node backups | array of BackupOperationStatus | |
| overall_backup_status | Overall status of last backup This attribute is used to indicate the overall backup status |
string | Enum: NOT_AVAILABLE, IN_PROGRESS, SUCCESS, FAILED |
BackupOperationStatus (schema)
Backup operation status
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_id | Unique identifier of a backup | string | Required |
| end_time | Time when operation was ended | EpochMsTimestamp | |
| error_code | Error code | string | Enum: BACKUP_NOT_RUN_ON_MASTER, BACKUP_SERVER_UNREACHABLE, BACKUP_AUTHENTICATION_FAILURE, BACKUP_PERMISSION_ERROR, BACKUP_TIMEOUT, BACKUP_BAD_FINGERPRINT, BACKUP_GENERIC_ERROR, UPGRADE_IN_PROGRESS, CERTIFICATE_ROTATION_IN_PROGRESS |
| error_message | Error code details | string | |
| start_time | Time when operation was started | EpochMsTimestamp | |
| success | True if backup is successfully completed, else false | boolean | Required |
BackupOverview (schema)
Backup overview
Data for a single backup/restore card
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| backup_config | Backup configuration Configuration to generate a manual/automated backup |
BackupConfiguration | Required |
| backup_operation_history | Last backup status Status of the last backup execution per component |
BackupOperationHistory | Required |
| current_backup_operation_status | Current backup status Backup status decribes type, phase, success/failure and time of a | latest backup execution |
CurrentBackupOperationStatus | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| restore_status | Current restore status Status of restore process executing/executed on appliance |
ClusterRestoreStatus | Required |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of timestamps of backed-up cluster files | array of ClusterBackupInfo | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BackupOverviewRequestParameters (schema)
Backup overview request parameters
Parameters, that REST API client needs to provide, in order to get data for
a backup/restore card with or without a list of generated backups.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| frame_type | Frame type This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site. |
string | Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE Default: "LOCAL_LOCAL_MANAGER" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| show_backups_list | Need a list of backups True to request a list of backups |
boolean | Default: "True" |
| site_id | UUID of the site UUID of LM site, which will be supported in a frame |
string | Default: "localhost" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BackupSchedule (schema)
Abstract base type for Weekly or Interval Backup Schedule
This is an abstract type. Concrete child types:
IntervalBackupSchedule
WeeklyBackupSchedule
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Schedule type | string | Required Enum: WeeklyBackupSchedule, IntervalBackupSchedule |
BackupUiFramesInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_gm | Does site have active GM | string | Readonly Enum: ACTIVE, STANDBY, NONE, INVALID |
| api_endpoint | prefix to be used for api call | string | Required Readonly Enum: global-manager, nsxapi, ica |
| frame_type | Type of service, for which backup is handled | string | Required Readonly Enum: GLOBAL_MANAGER, LOCAL_MANAGER, LOCAL_LOCAL_MANAGER, NSX_INTELLIGENCE |
| site_id | Id of the site | string | Required Readonly |
| site_version | Version of the site | string | Required Readonly |
BackupUiFramesInfoList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_frames_list | List of backup frames(and metadata) to be displayed in UI | array of BackupUiFramesInfo | Required Readonly |
BaseConsolidatedStatusPerEnforcementPoint (schema)
Base class for ConsolidatedStatusPerEnforcementPoint
Consolidated Realized Status Per Enforcement Point.
This is an abstract type. Concrete child types:
ConsolidatedStatusNsxT
ConsolidatedStatusPerEnforcementPoint
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | string | Required | |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
BaseCountObservation (schema)
The count action results from aggregating checkpoints per port.
| Name | Description | Type | Notes |
|---|---|---|---|
| checkpoints | Count result from checkpoints associated with this port The count result from checkpoints associated with this port |
CheckpointCounterResult | Readonly |
| port_id | Port ID The port identifier in UUID format. This field won't appear together with port_name. |
string | Readonly |
| port_name | Port Name The port name for a port. It applies to ports like the uplink port. This field won't appear together with port_id. |
string | Readonly |
| resource_type | Must be set to the value BaseCountObservation | string | Required |
| transport_node_id | Transport node ID This field tells which transport node the checkpoints are reported from. |
string | Readonly |
BaseEdgeStatisticsRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_path | Policy path of edge node Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface. |
string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| host_transport_node_path | Policy path of host transport node Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BaseEndpoint (schema)
An endpoint to be used in redirection rule
Represents an endpoint which will be used as subject in rule.
It is a polymorphic type object which can be either of the types -
1. Virtual
2. Logical
We have 2 separate objects representing these 2 types.
VirtualEndPoint for Virtual type and ServiceInstanceEndpoint
for Logical.
This is an abstract type. Concrete child types:
ServiceInstanceEndpoint
VirtualEndpoint
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BaseEndpoint | string | Required Enum: VirtualEndpoint, ServiceInstanceEndpoint |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_ips | IP addresses to redirect the traffic to IPs where either inbound or outbound traffic is to be redirected. |
array of IPInfo | Required Minimum items: 1 Maximum items: 1 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseFirewallProfile (schema)
This is an abstract type. Concrete child types:
FirewallCpuMemThresholdsProfile
FirewallDnsProfile
FirewallFloodProtectionProfile
FirewallSessionTimerProfile
GeneralSecuritySettingsProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BaseFirewallProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseHostSwitchProfile (schema) (Deprecated)
This is an abstract type. Concrete child types:
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| required_capabilities | array of string | Readonly | |
| resource_type | Must be set to the value BaseHostSwitchProfile | HostSwitchProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseInterfaceGroup (schema)
Base gateway Interface group
Tier0/Tier1 Interface group for interface grouping.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| members | Tier0/Tier1 interface memeber list List of interface reference. Interface must belong to same location. |
array of GatewayInterfaceReference | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BaseInterfaceGroup | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseListRequestParameters (schema)
Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BaseNodeAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 |
| id | Unique identifier of this resource | string | Readonly |
| node_interface_properties | Array of Node interface statistic properties | array of NodeInterfaceProperties | Readonly |
| node_interface_statistics | Array of Node network interface statistic properties | array of NodeInterfaceStatisticsProperties | Readonly |
| node_status | ClusterNodeStatus | Readonly | |
| node_status_properties | Time series of the node's system properties | array of NodeStatusProperties |
BasePktCapResource (schema)
This is an abstract type. Concrete child types:
PktCapResource
PolicyPktCapResource
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Type of packet capture resource | string | Required |
BasePolicyServiceInstance (schema)
Represents an instance of partner Service and its configuration
Represents an instance of partner Service and its configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| deployment_mode | Deployment Mode Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode. |
string | Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| partner_service_name | Name of Partner Service Unique name of Partner Service in the Marketplace |
string | Required |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BasePolicyServiceInstance | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used while deploying Service-VM. |
string | Enum: L2_BRIDGE, L3_ROUTED Default: "L2_BRIDGE" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseRule (schema)
A rule represent base properties for ,dfw, forwarding, redirection rule
A rule indicates the action to be performed for various types of traffic flowing between workload groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_groups | Destination group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| destinations_excluded | Negation of destination groups If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups |
boolean | Default: "False" |
| direction | Direction Define direction of traffic. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Flag to deactivate the rule Flag to deactivate the rule. Default is activated. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_protocol | IPv4 vs IPv6 packet type Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null. |
string | Enum: IPV4, IPV6, IPV4_IPV6 |
| is_default | Default rule flag A flag to indicate whether rule is a default rule. |
boolean | Readonly |
| logged | Enable logging flag Flag to enable packet logging. Default is deactivated. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| notes | Text for additional notes on changes User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters. |
string | Maximum length: 2048 |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profiles | Layer 7 service profiles or TLS action profile Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed. |
array of string | Maximum items: 128 |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BaseRule | string | |
| rule_id | Unique rule ID This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on. |
integer | Readonly |
| scope | The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number of the this Rule This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number |
int | Minimum: 0 |
| service_entries | Raw services In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null. |
array of ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Maximum items: 128 |
| services | Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| source_groups | Source group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| sources_excluded | Negation of source groups If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups |
boolean | Default: "False" |
| tag | Tag applied on the rule User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BaseRuleListResult (schema)
Paged Collection of Rules
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BaseServiceInstance (schema)
Base Instance of a service
The deployment of a registered service. service instance is instantiation of service.
This is an abstract type. Concrete child types:
ByodServiceInstance
ServiceInstance
VirtualServiceInstance
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| on_failure_policy | On Failure Policy Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to. |
string | Enum: ALLOW, BLOCK |
| resource_type | Must be set to the value BaseServiceInstance | ServiceInstanceResourceType | Required |
| service_id | Service Id The Service to which the service instance is associated. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS. |
string | Required Enum: L2_BRIDGE, L3_ROUTED, NSH, NA, L3_ROUTED_V6 |
BaseServiceProfile (schema)
Base Service Profile
Base Service Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BaseServiceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseSwitchingProfile (schema) (Deprecated)
This is an abstract type. Concrete child types:
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
QosSwitchingProfile
SpoofGuardSwitchingProfile
SwitchSecuritySwitchingProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| required_capabilities | array of string | Readonly | |
| resource_type | Must be set to the value BaseSwitchingProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BaseTier0Interface (schema)
Tier-0 interface configuration
Tier-0 interface configuration for external connectivity.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| dhcp_relay_path | policy path of referenced dhcp-relay-config Policy path of dhcp-relay-config to be attached to this Interface. |
string | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BaseTier0Interface | string | |
| subnets | IP address and subnet specification for interface Specify IP address and network prefix for interface. |
array of InterfaceSubnet | Required Minimum items: 1 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BasicAuthenticationScheme (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| password | Password to authenticate with | string | Required |
| scheme_name | Authentication scheme name | string | Required Enum: basic |
| username | User name to authenticate with | string | Required Pattern: "^.+$" |
BatchParameter (schema)
Options that affect how batch operations are processed
| Name | Description | Type | Notes |
|---|---|---|---|
| atomic | Ignored (transactional atomicity flag) This flag is ignored. Transactional atomicity is no longer supported. |
boolean | Default: "False" |
BatchRequest (schema)
A set of operations to be performed in a single batch
| Name | Description | Type | Notes |
|---|---|---|---|
| continue_on_error | Continue even if an error is encountered. | boolean | Default: "True" |
| requests | array of BatchRequestItem |
BatchRequestItem (schema)
A single request within a batch of operations
| Name | Description | Type | Notes |
|---|---|---|---|
| body | object | ||
| method | method type(POST/PUT/DELETE/UPDATE) http method type |
string | Required Enum: GET, POST, PUT, DELETE, PATCH |
| uri | Internal uri of the call relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters |
string | Required |
BatchResponse (schema)
The reponse to a batch operation
| Name | Description | Type | Notes |
|---|---|---|---|
| has_errors | errors indicator Indicates if any of the APIs failed |
boolean | |
| results | Bulk list results | array of BatchResponseItem | Required |
| rolled_back | indicates if all items were rolled back. Optional flag indicating that all items were rolled back even if succeeded initially |
boolean |
BatchResponseItem (schema)
A single respose in a list of batched responses
| Name | Description | Type | Notes |
|---|---|---|---|
| body | object returned by api object returned by api |
object | |
| code | object returned by api http status code |
integer | Required |
| headers | object returned by api The headers returned by the API call |
object |
BfdConfig (schema)
BFD configuration for LogicalRouter
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| declare_dead_multiple | Number of times a packet is missed before BFD declares the neighbor down. | integer | Minimum: 2 Maximum: 16 Default: "3" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Flag to enable BFD for this LogicalRouter | boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| logical_router_id | Logical router id | string | Readonly |
| receive_interval | Receive interval for heartbeats the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
| resource_type | Must be set to the value BfdConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transmit_interval | Transmit interval for heartbeats the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
BfdConfigParameters (schema)
BFD configuration for the given Peer.
| Name | Description | Type | Notes |
|---|---|---|---|
| declare_dead_multiple | Number of times a packet is missed before BFD declares the neighbor down. | integer | Minimum: 2 Maximum: 16 Default: "3" |
| receive_interval | Receive interval for heartbeats The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 50ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 500ms. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
| transmit_interval | Transmit interval for heartbeats The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms. |
integer | Minimum: 50 Maximum: 60000 Default: "500" |
BfdHealthMonitoringConfig (schema)
Bfd Health Monitoring Options
Bfd Health Monitoring Options used specific to BFD Transport Zone profiles
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Whether the heartbeat is enabled. A PATCH or PUT request with "enabled" false (with no probe intervals) will set or reset the probe_interval to their default value. | boolean | Required |
| latency_enabled | Whether the latency is enabled. The flag is to turn on/off latency. A PATCH or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI. |
boolean | |
| probe_interval | The time interval (in millisec) between probe packets for tunnels between transport nodes. | integer | Minimum: 300 Default: "1000" |
BfdHealthMonitoringProfile (schema) (Deprecated)
Profile for BFD health monitoring
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Whether the heartbeat is enabled. A POST or PUT request with "enabled" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value. | boolean | Required |
| id | Unique identifier of this resource | string | Sortable |
| latency_enabled | Whether the latency is enabled. The flag is to turn on/off latency. A POST or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI. |
boolean | |
| probe_interval | The time interval (in millisec) between probe packets for tunnels between transport nodes. | integer | Minimum: 300 Default: "1000" |
| resource_type | Must be set to the value BfdHealthMonitoringProfile | string | Required Enum: BfdHealthMonitoringProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BfdProfile (schema)
Bidirectional Forwarding Detection configuration for BGP peers
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| interval | Time interval between heartbeat packets in milliseconds Time interval between heartbeat packets in milliseconds. |
int | Minimum: 50 Maximum: 60000 Default: "500" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| multiple | Declare dead multiple Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. |
int | Minimum: 2 Maximum: 16 Default: "3" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BfdProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BfdProfileListResult (schema)
Paged Collection of BfdProfile
Paged Collection of BfdProfile.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Bfd Profile List Results Bfd Profile list results. |
array of BfdProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpAddressFamily (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| in_prefix_count | Count of in prefixes Count of in prefixes |
integer | Readonly |
| out_prefix_count | Count of out prefixes Count of out prefixes |
integer | Readonly |
| type | BGP address family type BGP address family type |
string | Required Readonly Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST, L2VPN_EVPN, VPNV6_UNICAST |
BgpBfdConfig (schema)
BFD configuration for BGP peers
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Flag to enable BFD cofiguration Flag to enable BFD cofiguration. |
boolean | Default: "False" |
| interval | Time interval between heartbeat packets in milliseconds Time interval between heartbeat packets in milliseconds. |
int | Minimum: 50 Maximum: 60000 Default: "500" |
| multiple | Declare dead multiple Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. |
int | Minimum: 2 Maximum: 16 Default: "3" |
BgpConfig (schema)
BGP configuration for logical router
BGP configuration for Tier0 logical router. We create BGP configuration
while creation of Tier0 logical router.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| as_num | 4 Byte ASN in ASPLAIN/ASDOT Format For VRF logical router, the as_num from parent logical router will be effective. |
string | |
| as_number | Autonomous System Number This is a deprecated property, Please use 'as_num' instead. For VRF logical router, the as_number from parent logical router will be effective. |
integer | Deprecated Minimum: 1 Maximum: 4294967296 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ecmp | Flag to enable outbound ECMP While creation of BGP config this flag will be set to true User can change this value while updating BGP config. If this property is not specified in the payload, the default value will be considered as true. |
boolean | Default: "True" |
| enabled | Flag to enable this configuration While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating the config. If this property is not specified in the payload, the default value will be considered as false irrespective of the high-availability mode. |
boolean | Default: "False" |
| graceful_restart | Flag to enable graceful restart Flag to enable graceful restart. This field is deprecated, kindly use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other [i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. For VRF logical router, the settings from parent logical router will be effective. |
boolean | Deprecated |
| graceful_restart_config | BGP Graceful Restart configuration Configuration parameters for BGP Graceful Restart functionality. It has graceful_restart_mode and graceful_restart_timer parameters. For VRF logical router, the settings from parent logical router will be effective. |
GracefulRestartConfig | |
| id | Unique identifier of this resource | string | Sortable |
| inter_sr_ibgp | Inter SR IBGP configuration | InterSRRoutingConfig | |
| logical_router_id | Logical router id | string | Readonly |
| multipath_relax | Flag to enable BGP multipath relax option. For TIER0 logical router, default is true. For VRF logical router, the settings from parent logical router will be effective. |
boolean | |
| resource_type | Must be set to the value BgpConfig | string | |
| route_aggregation | List of routes to be aggregated | array of BgpRouteAggregation | Minimum items: 0 Maximum items: 1000 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BgpGracefulRestartConfig (schema)
BGP Graceful Restart Configuration
Configuration field to hold BGP restart mode and timer.
| Name | Description | Type | Notes |
|---|---|---|---|
| mode | BGP Graceful Restart Configuration Mode If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. |
string | Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY Default: "HELPER_ONLY" |
| timer | BGP Graceful Restart Timer Configuration field to hold BGP restart timers. |
BgpGracefulRestartTimer |
BgpGracefulRestartTimer (schema)
BGP Graceful Restart Timers
Configuration field to hold BGP restart timers
| Name | Description | Type | Notes |
|---|---|---|---|
| restart_timer | BGP Graceful Restart Timer Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer. |
integer | Minimum: 1 Maximum: 3600 Default: "180" |
| stale_route_timer | BGP Stale Route Timer Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts. |
integer | Minimum: 1 Maximum: 3600 Default: "600" |
BgpNeighbor (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| address_families | AddressFamily settings for the neighbor User can enable the neighbor for the specific address families and also define filters per address family. When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons. User can change that if required, by defining the address family configuration. |
array of BgpNeighborAddressFamily | |
| allow_as_in | Flag to enable allowas_in option for BGP neighbor | boolean | Default: "False" |
| bfd_config | BFD Configuration Parameters for the given peer. By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer) |
BfdConfigParameters | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_bfd | Enable BFD for this BGP Neighbor Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence. |
boolean | Default: "False" |
| enabled | Flag to enable this BGP Neighbor | boolean | Default: "True" |
| filter_in_ipprefixlist_id | IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_in_routemap_id | RouteMap to be used for IN direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_out_ipprefixlist_id | IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| filter_out_routemap_id | RouteMap to be used for OUT direction filter for IPV4_UNICAST address family This is a deprecated property, Please use 'address_family' instead. |
string | Deprecated |
| graceful_restart_mode | Graceful Restart Mode BGP Graceful Restart mode. If specified, then it will take precedence over global Graceful Restart mode configured in logical router BgpConfig otherwise BgpConfig level Graceful Restart mode will be applicable for peer. |
GracefulRestartMode | |
| hold_down_timer | Wait period (seconds) before declaring peer dead | integer | Minimum: 1 Maximum: 65535 Default: "180" |
| id | Unique identifier of this resource | string | Sortable |
| keep_alive_timer | Frequency (seconds) with which keep alive messages are sent to peers | integer | Minimum: 1 Maximum: 65535 Default: "60" |
| logical_router_id | Logical router id | string | Readonly |
| maximum_hop_limit | Maximum Number of hops allowed to reach BGP neighbor This value is set on TTL(time to live) of BGP header. When router receives the BGP packet, it decrements the TTL. The default value of TTL is one when BPG request is initiated.So in the case of a BGP peer multiple hops away and and value of TTL is one, then next router in the path will decrement the TTL to 0, realize it cant forward the packet and will drop it. If the hop count value to reach neighbor is equal to or less than the maximum_hop_limit value then intermediate router decrements the TTL count by one and forwards the request to BGP neighour. If the hop count value is greater than the maximum_hop_limit value then intermediate router discards the request when TTL becomes 0. |
int | Minimum: 1 Maximum: 255 Default: "1" |
| neighbor_address | Neighbor IP Address | IPAddress | Required |
| password | Password User can create (POST) the neighbor with or without the password. The view (GET) on the neighbor, would never reveal if the password is set or not. The password can be set later using edit neighbor workFlow (PUT) On the edit neighbor (PUT), if the user does not specify the password property, the older value is retained. Maximum length of this field is 32 characters. |
secure_string | Minimum length: 1 Maximum length: 32 |
| remote_as | Autonomous System Number of the neighbor This is a deprecated property, Please use 'remote_as_num' instead. |
integer | Deprecated Minimum: 1 Maximum: 4294967296 |
| remote_as_num | 4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format | string | |
| resource_type | Must be set to the value BgpNeighbor | string | |
| source_address | Logical Router Uplink IP Address Deprecated - do not provide a value for this field. Use source_addresses instead. |
IPAddress | Deprecated |
| source_addresses | Array of Logical Router Uplink IP Addresses BGP neighborship will be formed from all these source addresses to this neighbour. |
array of IPAddress | Maximum items: 8 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BgpNeighborAddressFamily (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Enable this address family | boolean | Default: "True" |
| in_filter_ipprefixlist_id | Id of the IPPrefix List to be used for IN direction filter | string | |
| in_filter_routemap_id | Id of the RouteMap to be used for IN direction filter | string | |
| maximum_routes | Maximum number of routes supported on the address family | integer | Minimum: 0 |
| out_filter_ipprefixlist_id | Id of the IPPrefixList to be used for OUT direction filter | string | |
| out_filter_routemap_id | Id of the RouteMap to be used for OUT direction filter | string | |
| type | Address family type | AddressFamilyType | Required |
BgpNeighborConfig (schema)
BGP neighbor config
Contains information necessary to configure a BGP neighbor.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allow_as_in | Flag to enable allowas_in option for BGP neighbor | boolean | Default: "False" |
| bfd | BFD configuration for failure detection BFD configuration for failure detection. BFD is enabled with default values when not configured. |
BgpBfdConfig | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Flag to enable/disable BGP peering. Flag to enable/disable BGP peering. Disabling will stop the BGP peering. True - indicates enable BGP peering, False - indicates disable BGP peering. Default is True. |
boolean | Default: "True" |
| graceful_restart_mode | BGP Graceful Restart Configuration Mode If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. |
string | Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY |
| hold_down_time | Wait time in seconds before declaring peer dead Wait time in seconds before declaring peer dead. |
int | Minimum: 1 Maximum: 65535 Default: "180" |
| id | Unique identifier of this resource | string | Sortable |
| in_route_filters | Prefix-list or route map path for IN direction Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. |
array of string | Deprecated Maximum items: 1 |
| keep_alive_time | Interval between keep alive messages sent to peer Interval (in seconds) between keep alive messages sent to peer. |
int | Minimum: 1 Maximum: 65535 Default: "60" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| maximum_hop_limit | Maximum number of hops allowed to reach BGP neighbor Maximum number of hops allowed to reach BGP neighbor. |
int | Minimum: 1 Maximum: 255 Default: "1" |
| neighbor_address | Neighbor IP Address | IPAddress | Required |
| neighbor_local_as_config | Local as configuration for BGP Neighbor Configuration field to hold the Local AS config for BGP Neighbor |
BgpNeighborLocalAsConfig | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| out_route_filters | Prefix-list or route map path for OUT direction Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. |
array of string | Deprecated Maximum items: 1 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| password | Password Specify password for BGP neighbor authentication. Empty string ("") clears existing password. |
secure_string | Minimum length: 0 Maximum length: 32 |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_as_num | 4 Byte ASN of the neighbor in ASPLAIN Format | string | Required |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BgpNeighborConfig | string | |
| route_filtering | Enable address families and route filtering in each direction Enable address families and route filtering in each direction. |
array of BgpRouteFiltering | Maximum items: 2 |
| source_addresses | Source IP Addresses for BGP peering Source addresses should belong to Tier0 external or loopback or VTI interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1. |
array of IPAddress | Maximum items: 8 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BgpNeighborConfigListRequestParameters (schema)
Routing Config list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BgpNeighborConfigListResult (schema)
Paged collection of BGP Neighbor Configs
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BGP neighbor configs list results | array of BgpNeighborConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of bgp neighbors | array of BgpNeighbor | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborLocalAsConfig (schema)
BGP neighbor local-as configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| as_path_modifier_type | AS_PATH modifier type for BGP local AS Optional parameter. If this property is not set, by default BGP prepends neighbor's local_as_num value to the AS_PATH for BOTH outgoing and incoming route advertisements from the peer neighbor. By setting one of the following value, user can modify the default prepend action on the AS_PATH in both inbound and outbound direction. NO_PREPEND: If type is NO_PREPEND, then the local router will NOT prepend the incoming advertisement from that peer with neighbor's local_as_num, so the AS path advertised will now prepend only the BGP local-as of the router. NO_PREPEND_REPLACE_AS - If type is "NO_PREPEND_REPLACE_AS", then the local routes will be advertised with the neighbor's local-as instead of the BGP's local-as to peer router. |
string | Enum: NO_PREPEND, NO_PREPEND_REPLACE_AS |
| local_as_num | BGP neighbor local-as number in ASPLAIN/ASDOT Format Specify local-as number for Tier-0 to advertize to BGP peer. This overrides local_as_num configured in the BgpRoutingConfig object. AS number can be specified in ASPLAIN (e.g., "65546") or ASDOT (e.g., "1.10") format. It is supported for BgpNeighborConfig under both default tier0 and vrf tier0. When this capability is configured, it enables the BGP to prepend "local_as_num" value to the beginning of AS_PATH for BOTH outgoing and incoming route advertisements from the configured neighbor. After prepend, AS_PATH contains both "neighbor's |
string | Required |
BgpNeighborRouteDetails (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| logical_router_id | Logical router id | string | Required Readonly |
| neighbor_address | Neighbor IP address BGP neighbor peer IP address. |
IPAddress | Required Readonly |
| neighbor_id | BGP neighbor id | string | Required Readonly |
| per_transport_node_routes | Route details per transport node Array of BGP neighbor route details per transport node. |
array of RoutesPerTransportNode | Readonly |
BgpNeighborRouteDetailsCsvRecord (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| as_path | AS path BGP AS path attribute. |
string | Readonly |
| local_pref | Local preference BGP Local Preference attribute. |
integer | Readonly |
| logical_router_id | Logical router id Logical router id |
string | Required Readonly |
| med | Multi Exit Discriminator BGP Multi Exit Discriminator attribute. |
integer | Readonly |
| neighbor_address | Neighbor IP address BGP neighbor peer IP address. |
IPAddress | Required Readonly |
| neighbor_id | BGP neighbor id BGP neighbor id |
string | Required Readonly |
| network | CIDR network address CIDR network address. |
IPCIDRBlock | Required Readonly |
| next_hop | Next hop IP address Next hop IP address. |
IPAddress | Readonly |
| source_address | BGP neighbor source address BGP neighbor source address. |
IPAddress | Readonly |
| transport_node_id | Transport node id Transport node id |
string | Required Readonly |
| weight | Weight BGP Weight attribute. |
integer | Readonly |
BgpNeighborRouteDetailsInCsvFormat (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| file_name | File name File name set by HTTP server if API returns CSV result as a file. |
string | |
| results | array of BgpNeighborRouteDetailsCsvRecord |
BgpNeighborRoutes (schema)
BGP neighbor route details
BGP neighbor learned/advertised route details.
| Name | Description | Type | Notes |
|---|---|---|---|
| edge_node_routes | Route details per transport node Array of BGP neighbor route details per edge node. |
array of RoutesPerTransportNode | Readonly |
| enforcement_point_path | Enforcement point policy path | string | Required Readonly |
| neighbor_path | BGP neighbor policy path | string | Required Readonly |
BgpNeighborRoutesListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of Bgp neighbor routes Paged Collection of Bgp neighbor routes. |
array of BgpNeighborRoutes | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpNeighborStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| address_families | Address families of BGP neighbor Address families of BGP neighbor |
array of BgpAddressFamily | Readonly |
| announced_capabilities | BGP capabilities sent to BGP neighbor. | array of string | Readonly |
| connection_drop_count | Count of connection drop | integer | Readonly |
| connection_state | Current state of the BGP session. | string | Readonly Enum: INVALID, IDLE, CONNECT, ACTIVE, OPEN_SENT, OPEN_CONFIRM, ESTABLISHED, UNKNOWN |
| established_connection_count | Count of connections established | integer | Readonly |
| graceful_restart | Graceful restart flag Current state of graceful restart where graceful_restart = true indicates graceful restart is enabled and graceful_restart = false indicates graceful restart is disabled. This is deprecated field, use graceful_restart_mode instead. |
boolean | Deprecated Readonly |
| graceful_restart_mode | Graceful restart mode Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled |
string | Readonly |
| hold_time | Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down. | integer | Readonly |
| intent_path | policy intent path of bgp neighbor | string | Readonly |
| keep_alive_interval | Time in ms to wait for HELLO packet from BGP peer | integer | Readonly |
| local_port | TCP port number of Local BGP connection | integer | Readonly Minimum: 1 Maximum: 65535 |
| lr_component_id | Logical router component(Service Router/Distributed Router) id | string | Required Readonly |
| messages_received | Count of messages received from the neighbor | integer | Readonly |
| messages_sent | Count of messages sent to the neighbor | integer | Readonly |
| negotiated_capability | BGP capabilities negotiated with BGP neighbor. | array of string | Readonly |
| neighbor_address | The IP of the BGP neighbor | IPAddress | Readonly |
| neighbor_edge_node | Inter-SR bgp neighbor edge node | string | Readonly |
| neighbor_router_id | Router ID of the BGP neighbor. | IPAddress | Readonly |
| remote_as_number | AS number of the BGP neighbor | string | Readonly |
| remote_port | TCP port number of remote BGP Connection | integer | Readonly Minimum: 1 Maximum: 65535 |
| remote_site | Remote site Remote site details. |
ResourceReference | Readonly |
| source_address | The Ip address of logical port | IPAddress | Readonly |
| time_since_established | Time(in seconds) since connection was established. | integer | Readonly |
| total_in_prefix_count | Count of in prefixes Sum of in prefixes counts across all address families. |
integer | Readonly |
| total_out_prefix_count | Count of out prefixes Sum of out prefixes counts across all address families. |
integer | Readonly |
| transport_node | Transport node id and name | ResourceReference | Readonly |
| type | BGP neighbor type BGP neighbor type |
string | Readonly Enum: INTER_SR, USER |
BgpNeighborStatusLiteDto (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| connection_state | BGP session state Current state of the BGP session. |
string | Readonly Enum: INVALID, IDLE, CONNECT, ACTIVE, OPEN_SENT, OPEN_CONFIRM, ESTABLISHED, UNKNOWN |
| neighbor_address | Neighor address Ip address of BGP neighbor. |
IPAddress | Readonly |
| remote_site | Remote site Remote site details. |
ResourceReference | Readonly |
| source_address | Source address Source Ip address. |
IPAddress | Readonly |
BgpNeighborsStatusListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| last_update_timestamp | Timestamp indicating last update time of data Timestamp when the data was last updated, unset if data source has never updated the data. |
EpochMsTimestamp | Readonly |
| logical_router_id | Logical router id | string | Required Readonly |
| logical_router_name | Name of the logical router | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Status of BGP neighbors of the logical router | array of BgpNeighborStatus | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BgpRouteAggregation (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| prefix | cidr of the aggregate address | IPCIDRBlock | Required |
| summary_only | Flag to send only summarized route | boolean | Default: "True" |
BgpRouteFiltering (schema)
Enable address_families and route filtering in each direction
| Name | Description | Type | Notes |
|---|---|---|---|
| address_family | Address family type Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration. |
string | Enum: IPV4, IPV6, L2VPN_EVPN |
| enabled | Enable address family Flag to enable address family. |
boolean | Default: "True" |
| in_route_filters | Prefix-list or route map path for IN direction Specify path of prefix-list or route map to filter routes for IN direction. |
array of string | Maximum items: 1 |
| maximum_routes | Maximum number of routes for the address family Maximum number of routes for the address family. |
int | Minimum: 1 Maximum: 1000000 |
| out_route_filters | Prefix-list or route map path for OUT direction Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. |
array of string | Maximum items: 1 |
BgpRouteLeaking (schema)
BGP route leaking in each direction
| Name | Description | Type | Notes |
|---|---|---|---|
| address_family | Address family type Address family type. Assumed IPv4 address family when not specified. |
string | Enum: IPV4, IPV6 |
| in_filter | route map path for IN direction Specify path of route map to filter routes for IN direction. If not specified then all exported routes from peer attachment will be imported. |
array of string | Maximum items: 1 |
| out_filter | route map path for OUT direction Specify path of route map to filter routes for OUT direction. If not specified then all redistribute routes will be exported. |
array of string | Maximum items: 1 |
BgpRoutesRequestParameters (schema)
BGP Routes request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| count | Number of routes to retrieve Number of routes to return in response. Not used when routes are requested in CSV format. |
int | Minimum: 1 Default: "1000" |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Enforcement point path String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BgpRoutingConfig (schema)
BGP routing config
Contains BGP routing configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildBgpNeighborConfig ChildBgpTroubleshootConfig |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ebgp_admin_distance | eBGP route administrative distance Administrative distance for IPv4 and IPv6 eBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled. |
int | Minimum: 1 Maximum: 255 Default: "20" |
| ecmp | Flag to enable ECMP Flag to enable ECMP. |
boolean | |
| enabled | Flag to enable BGP configuration Flag to enable BGP configuration. Disabling will stop feature and BGP peering. |
boolean | |
| graceful_restart | Flag to enable graceful restart Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. |
boolean | Deprecated |
| graceful_restart_config | BGP Graceful Restart Configuration Configuration field to hold BGP Restart mode and timer. |
BgpGracefulRestartConfig | |
| ibgp_admin_distance | iBGP route administrative distance Administrative distance for IPv4 and IPv6 iBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled. |
int | Minimum: 1 Maximum: 255 Default: "200" |
| id | Unique identifier of this resource | string | Sortable |
| inter_sr_ibgp | Enable inter SR IBGP configuration Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode. |
boolean | |
| local_as_num | BGP AS number in ASPLAIN/ASDOT Format Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., "65546") or ASDOT (e.g., "1.10") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0. |
string | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| multipath_relax | Flag to enable BGP multipath relax option Flag to enable BGP multipath relax option. |
boolean | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BgpRoutingConfig | string | |
| route_aggregations | List of routes to be aggregated List of routes to be aggregated. |
array of RouteAggregationEntry | Maximum items: 1000 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BgpTroubleshootConfig (schema)
BGP troubleshoot config
Configuration field to hold BGP session diagnostics, system diagnostics and bfd control packet diagnostics.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bfd_control_pkt_diagnostics | BFD control packet diagnostics configuration for troubleshooting Flag to enable/disable the collection of the timestamps of sent and received BFD control messages per BFD peer session. Enabled by default. |
boolean | Default: "True" |
| bgp_session_diagnostics | BGP session diagnostics configuration for troubleshooting Flag to enable/disable the collection of the timestamps of sent and received Keep-Alive messages per BGP peer session, and the session states. Enabled by default. |
boolean | Default: "True" |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value BgpTroubleshootConfig | string | |
| system_diagnostics | BGP system diagnostics configuration for troubleshooting Flag to enable/disable the collection of system diagnostic data such as ARP, Ping, CPU stats, etc. |
boolean | Default: "True" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
BinaryPacketData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| frame_size | Requested total size of the (logical) packet in bytes If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size. |
integer | Minimum: 60 Maximum: 1000 Default: "128" |
| payload | RFC3548 compatible base64 encoded full payload Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers. |
string | Maximum length: 1336 |
| resource_type | Must be set to the value BinaryPacketData | string | Required Enum: BinaryPacketData, FieldsPacketData Default: "FieldsPacketData" |
| routed | Awareness of logical routing When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate. |
boolean | |
| transport_type | Transport type of the traceflow packet This type takes effect only for IP packet. |
string | Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN Default: "UNICAST" |
BingdingMapStackStatusListRequestParameters (schema)
Request parameters for binding map mirror stack status
Request parameters for port/group/segment binding map mirror stack status.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | Binding map path enforcemnt point path to remote L3 mirror session String path for the enforcement point. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BlackholeAction (schema)
Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.
| Name | Description | Type | Notes |
|---|---|---|---|
| BlackholeAction | Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded. | string | Enum: DISCARD |
BondPnicStatus (schema)
bond type pnic status
pNIC/bond statuses
| Name | Description | Type | Notes |
|---|---|---|---|
| name | pNIC/bond name Name of the pNIC/bond |
string | |
| status | pNic/bond status Status of pNIC/bond |
string | Enum: UNKNOWN, UP, DOWN, DEGRADED |
| type | Object type Type, whether the object is a pNIC or a bond |
string | Enum: UNKNOWN_TYPE, PNIC, BOND |
BootBankVolumeInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| capacity | BOOTBANK volume capacity BOOTBANK volume capacity |
string | Required |
| name | BOOTBANK volume name BOOTBANK volume name |
string | |
| type | BOOTBANK volume type BOOTBANK volume type |
string |
BpduFilter (schema) (Deprecated)
BPDU filter configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Indicates whether BPDU filter is enabled | boolean | Required |
| white_list | Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering | array of string | Minimum items: 0 Maximum items: 32 |
BridgeEndpoint (schema)
Bridge Endpoint
A bridge endpoint can be created on a bridge cluster or on an edge
cluster. Few of the properties of this class will not be used depending on
the type of bridge endpoint being created. When creating a bridge endpoint
on a bridge cluster, following propeties will be used: vlan,
bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint
on an edge cluster following properties will be used: vlan,
bridge_endpoint_profile_id and vlan_transport_zone_id.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bridge_cluster_id | UUID of the bridge cluster for this bridge endpoint This field will not be used if an edge cluster is being used for the bridge endpoint |
string | Maximum length: 36 |
| bridge_endpoint_profile_id | Bridge endpoint profile used by the edge cluster This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ha_enable | Controls the enabling of HA on the VLAN for this endpoint This field will not be used if an edge cluster is being used for the bridge endpoint |
boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeEndpoint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| uplink_teaming_policy_name | The name of the switching uplink teaming policy for the bridge endpoint This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| vlan | This property is used for VLAN specification of bridge endpoint.
It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec' should be specified. |
VlanID | |
| vlan_transport_zone_id | VLAN transport zone id by the edge cluster This field will not be used if a bridge cluster is being used for the bridge endpoint |
string | |
| vlan_trunk_spec | VLAN trunk spec of edge bridge endpoint This property is used for VLAN trunk specification of edge bridge endpoint. It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec' should be specified. |
VlanTrunkSpec |
BridgeEndpointListResult (schema)
Bridge Endpoint queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BridgeEndpoint Results | array of BridgeEndpoint | Required Readonly Minimum items: 0 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BridgeEndpointProfile (schema)
Bridge Endpoint Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| edge_cluster_id | UUID of the edge cluster for this bridge endpoint | string | Required Maximum length: 36 |
| edge_cluster_member_indexes | Indexes of the member hosts of the edge bridge cluster First index will be used as the preferred member |
array of int | |
| failover_mode | Failover mode for the edge bridge cluster Faileover mode can be preemmptive or non-preemptive |
string | Enum: PREEMPTIVE, NON_PREEMPTIVE Default: "PREEMPTIVE" |
| high_availability_mode | High availability mode for the edge bridge cluster High avaialability mode can be active-active or active-standby |
string | Enum: ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeEndpointProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BridgeEndpointProfileListResult (schema)
Bridge Endpoint Profile queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | BridgeEndpointProfile Results | array of BridgeEndpointProfile | Required Readonly Minimum items: 0 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
BridgeEndpointProfileRequestParameters (schema)
Bridge Endpoint Profile request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| edge_cluster_id | Edge Cluster Identifier | string | |
| failover_mode | string | ||
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
BridgeEndpointRequestParameters (schema)
Bridge Endpoint request parameters
When querying for bridge endpoints on a bridge cluster, following
parameters can be used: bridge_cluster_id and logical_switch_id. When
querying for bridge endpoints on an edge cluster, following parameters
can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and
logical_switch_id. When multiple parameters are provided they will be
anded together. if bridge_cluster_id is used along with
bridge_endpoint_profile_id or vlan_transport_zone_id an error will be
thrown.
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_cluster_id | Bridge Cluster Identifier If provided, only bridge endpoints associated with the given bridge cluster will be returned. |
string | |
| bridge_endpoint_profile_id | Bridge endpoint profile used by the edge cluster If provided, only bridge endpoints associated with the given bridge endpoint profile will be returned. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| logical_switch_id | Logical Switch Identifier If provided, only bridge endpoints associated with the given logical switch will be returned. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| vlan_transport_zone_id | VLAN transport zone id used by the edge cluster If provided, only bridge endpoints associated with the given transport zone will be returned. |
string |
BridgeEndpointStatistics (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| endpoint_id | The id of the bridge endpoint | string | Required Readonly |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
| rx_bytes | DataCounter | Readonly | |
| rx_packets | DataCounter | Readonly | |
| tx_bytes | DataCounter | Readonly | |
| tx_packets | DataCounter | Readonly |
BridgeEndpointStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_nodes | The Ids of the transport nodes which actively serve the endpoint. | array of string | Readonly |
| endpoint_id | The id of the bridge endpoint | string | Required Readonly |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
BridgeHighAvailabilityClusterProfile (schema) (Deprecated)
Profile for BFD HA cluster setting
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bfd_probe_interval | the time interval (in millisec) between probe packets for heartbeat purpose | integer | Minimum: 300 Maximum: 60000 Default: "1000" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable | whether the heartbeat is enabled | boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value BridgeHighAvailabilityClusterProfile | ClusterProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
BridgeProfileConfig (schema)
Bridge Profile Configuration
configuration parameters for Bridge Profile
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Policy path to L2 Bridge profile Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique. |
string | Required |
| uplink_teaming_policy_name | Uplink Teaming Policy Name The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property "vlan_transport_zone_path". When this property is not specified, the default teaming policy of the host-switch is assigned. Do not set a value when the 'bridge_profile_path' is the path of L2DistributedBridgeEndpointProfile. |
string | |
| vlan_ids | VLAN IDs VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both. |
array of string | Required |
| vlan_transport_zone_path | Policy path of the VLAN transport zone assigned to the underlay L2 zone for bridging. The path of the VLAN transport zone that represents the underlay L2 zone in which the VLANs will be bridged to overlay segments. A unique VLAN transport zone should be assigned to each underlay L2 zone when needed for bridging. If two VLANs in two underlay L2 zones are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 zones still should have two different VLAN transport zones assigned to them. It is optional for distributed-bridging but required for other bridging modes. If it is not given, the distributed bridge will span all ESX transport nodes in the overlay transport zone of the segment that contains this profile. |
string |
BridgeProfileRequestParameters (schema)
Bridge profile request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Bridge profile path Policy path of Bridge profile using which a bridge end point was created. |
string | Required |
| enforcement_point_path | String Path of the enforcement point Enforcement point path. |
string |
BridgingMode (schema)
Bridging mode
Bridging mode.
| Name | Description | Type | Notes |
|---|---|---|---|
| BridgingMode | Bridging mode Bridging mode. |
string | Enum: EDGE_BRIDGE |
BrokerProperties (schema)
Information about a management plane node this transport node is configured to communicate with
| Name | Description | Type | Notes |
|---|---|---|---|
| BrokerFqdn | Fully qualified domain name of the message bus broker on the management plane node. | string | |
| BrokerIpAddress | IP address or hostname of the message bus broker on the management plane node. | HostnameOrIPv4Address | Required |
| BrokerIsMaster | Indicates whether this broker is the master. | string | |
| BrokerPort | Port number of the message bus broker on the management plane node. | string | |
| BrokerSslCertThumbprint | Certificate thumbprint of the message bus broker on the management plane node. | string | Required |
| BrokerVirtualHost | Type of host running the broker. | string |
BundleId (schema)
Id of bundle
Identifier of the bundle.
| Name | Description | Type | Notes |
|---|---|---|---|
| bundle_id | Bundle Id Identifier of bundle upload |
string | Readonly |
BundleIds (schema)
List of bundle-ids
Contains a list of bundle-ids.
| Name | Description | Type | Notes |
|---|---|---|---|
| failed | Failed bundle-Id Id of a bundle whose upload was failed. |
string | Readonly |
| in_progress | In-progress bundle-Id Id of a bundle whose upload is in-progress. |
string | Readonly |
| successful | Sucessful bundle-Id Id of a bundle whose upload is successful. |
string | Readonly |
BundleUploadParameters (schema)
Parameters for bundle upload
Parameters specified during bundle upload operations.
| Name | Description | Type | Notes |
|---|---|---|---|
| file_type | Type of file Type of file which will be uploaded. |
string | Required Enum: OVA |
| product | Name of the appliance Name of the appliance for which upload is performed. |
string | Required Enum: SAMPLE, ALB_CONTROLLER, INTELLIGENCE |
BundleUploadPermission (schema)
Permissions for bundle upload
Describes whether bundle upload is allowed or not.
| Name | Description | Type | Notes |
|---|---|---|---|
| reason | Reason for not allowing upload. | string | Readonly |
| upload_allowed | Bundle upload allowed flag Flag indication whether upload is allowed or not. |
boolean | Required Readonly |
BundleUploadStatus (schema)
Upload status of bundle
Upload status of bundle uploaded from local or remote location.
| Name | Description | Type | Notes |
|---|---|---|---|
| bundle_name | Name of the bundle Name of the uploaded bundle. |
string | Readonly |
| detailed_status | Detailed status of bundle upload Detailed status of bundle upload. |
string | Readonly |
| percent | Percent of upload completed Percent of bundle uploaded from remote location. |
number | Readonly |
| status | Status of bundle upload Current status of bundle upload. |
string | Readonly Enum: UPLOADING, VERIFYING, SUCCESS, FAILED |
| url | URL from which the bundle was uploaded URL for uploading bundle. |
string | Readonly |
ByodPolicyServiceInstance (schema)
Represents instance of self wiring partner's service
Represents an instance of partner's service whose wiring will be done by partner itself.
As partner does all the wiring, we call it as Byod - Bring your own device.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildServiceInstanceEndpoint |
|
| deployment_mode | Deployment Mode Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode. |
string | Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| partner_service_name | Name of Partner Service Unique name of Partner Service in the Marketplace |
string | Required |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ByodPolicyServiceInstance | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used while deploying Service-VM. |
string | Enum: L2_BRIDGE, L3_ROUTED Default: "L2_BRIDGE" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ByodPolicyServiceInstanceListResult (schema)
Collection of only Byod SI objects
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Byod Service instance list results | array of ByodPolicyServiceInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ByodServiceInstance (schema)
Custom Instance of a service
ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| deployment_mode | Deployment Mode Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode. |
string | Required Enum: STAND_ALONE, ACTIVE_STANDBY Default: "ACTIVE_STANDBY" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| on_failure_policy | On Failure Policy Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to. |
string | Enum: ALLOW, BLOCK |
| resource_type | Must be set to the value ByodServiceInstance | ServiceInstanceResourceType | Required |
| service_id | Service Id The Service to which the service instance is associated. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_type | Transport Type Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS. |
string | Required Enum: L2_BRIDGE, L3_ROUTED, NSH, NA, L3_ROUTED_V6 |
CCPUpgradeStatus (schema)
Status of CCP upgrade
| Name | Description | Type | Notes |
|---|---|---|---|
| can_rollback | Can perform rollback This field indicates whether we can perform upgrade rollback. |
boolean | Readonly |
| can_skip | Can the upgrade of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the upgrade status | string | Readonly |
| current_version_node_summary | Mapping of current versions of nodes and counts of nodes at the respective versions. | NodeSummaryList | Readonly |
| details | Details about the upgrade status | string | Readonly |
| node_count_at_target_version | Count of nodes at target component version Number of nodes of the type and at the component version |
int | Readonly |
| percent_complete | Indicator of upgrade progress in percentage | number | Required Readonly |
| pre_upgrade_status | Pre-upgrade status of the component-type | UpgradeChecksExecutionStatus | Readonly |
| status | Upgrade status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
| target_component_version | Target component version | string | Readonly |
CCSnmpV3User (schema)
SNMP V3 user
This object contains properties for a SNMP V3 user that can be used to receive SNMP traps/notifications from NSX and/or poll NSX nodes over SNMP.
| Name | Description | Type | Notes |
|---|---|---|---|
| access | Type of access Access permissions for polling NSX nodes over SNMP V3. |
string | Enum: READ_ONLY Default: "READ_ONLY" |
| auth_password | Authentication password Authentication password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for authentication password. |
secure_string | |
| priv_password | Privacy password Privacy password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for privacy password. |
secure_string | |
| security_level | Security level Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value "AUTH_PRIV" indicates both authentication and privacy protocols will be used for SNMP communication. |
string | Enum: AUTH_PRIV Default: "AUTH_PRIV" |
| user_id | User ID Unique SNMP V3 user id. |
string | Required Minimum length: 1 Maximum length: 32 |
CNSGroupAssociationRequestParams (schema)
List request parameters containing Cloud Native Service external ID and enforcement point path
List request parameters containing Cloud Native service external ID and enforcement point path
| Name | Description | Type | Notes |
|---|---|---|---|
| cns_external_id | Cloud Native Service external ID | string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CPUReservation (schema)
Relative to the form factor pre-defined reservation value. We recommended
that you use the predefined measures of CPU reservation shares to reduce
the CPU reservation of a VM. Reservation shares are relative to the
default form-factor value. Though absolute values for CPU reservation
is supported, we advise to use this option with caution as incorrect or
high reservation values could lead to deployment failure or lead to
resource starvation for other VMs running on the same host.
| Name | Description | Type | Notes |
|---|---|---|---|
| reservation_in_mhz | CPU reservation in MHz. The CPU reservation in MHz is the guaranteed minimum amount of clock cycles that the vmkernel CPU scheduler will give the Edge VM in case of contention. If an Edge VM is not using its reserved resources, then other machines can use them thus preventing waste of CPU cycles on the physical host. Note: We recommend use of reservation_in_shares instead of this absolute configuration. When you specify this value, set reservation_in_shares to LOW_PRIORITY. |
int | |
| reservation_in_shares | CPU reservation in shares. Shares specify the relative importance of a virtual machine on a given host. When you assign shares to a virtual machine, you always specify the priority for that virtual machine relative to other powered-on virtual machines on the same host. The default priority for shares is HIGH_PRIORITY. |
string | Enum: EXTRA_HIGH_PRIORITY, HIGH_PRIORITY, NORMAL_PRIORITY, LOW_PRIORITY Default: "HIGH_PRIORITY" |
CaBundle (schema)
CA certificates bundle
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| certificates | X509Certificates in the bundle | array of X509Certificate | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| earliest_not_after | The earliest time in epoch milliseconds at which a certificate becomes invalid. | EpochMsTimestamp | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| not_after_list | Times for each certificate in the bundle at which the certificate becomes invalid. | array of EpochMsTimestamp | Readonly |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| pem_encoded | PEM-encoded CA bundle certificates. | string | Required |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CaBundle | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CaBundleListResult (schema)
CA Bundle query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CA bundles list. | array of CaBundle | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CallbackAuthenticationScheme (schema)
CallbackAuthenticationScheme describes how notification requests should authenticate to the server.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Valid certificate ID Certificate ID with a valid certificate and private key, procured from trust-management API. |
string | |
| password | Password for authentication Password to use if scheme_name is BASIC_AUTH. |
secure_string | |
| scheme_name | Authentication scheme to use when making notification requests Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE. |
string | Required Enum: BASIC_AUTH, CERTIFICATE |
| username | Username for authentication Username to use if scheme_name is BASIC_AUTH. |
string |
CapacityDashboardUsage (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| current_usage_count | Current usage count of object type Indicate the current usage count of object type. |
integer | Required |
| current_usage_percentage | Current usage percentage Current usage percentage for object type |
number | Required |
| display_name | User friendly name for object type Display name for NSX object type. |
string | Required |
| max_supported_count | Maximum supported count for object type This is the maximum supported count for object type in consideration. |
integer | Required |
| max_threshold_percentage | Max threshold percentage for object type This indicates the maximum threshold percentage for object type. |
number | Required |
| min_threshold_percentage | Min threshold percentage for object type This indicates the minimum threshold percentage for object type. |
number | Required |
| severity | Severity calculated from percentage usage Severity calculated from percentage usage |
string | Required Enum: INFO, WARNING, CRITICAL, ERROR |
| usage_type | Object type for which usage is fetched Indicate the object type for which usage is calculated. |
string | Required |
CapacityThreshold (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| max_threshold_percentage | Maximum threshold percentage Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical. |
number | Required Minimum: 0 Maximum: 100 |
| min_threshold_percentage | Minimum threshold percentage Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning. |
number | Required Minimum: 0 Maximum: 100 |
| threshold_type | Object type for which threshold is to be set Indicate the object type for which threshold is to be set. |
string | Required |
CapacityThresholdList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| capacity_thresholds | List of capacity thresholds for NSX Objects | array of CapacityThreshold | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value CapacityThresholdList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CapacityUsage (schema)
usage of each capacity type ex. vm, cpu
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| capacity_type | type of the capacity field | string | Readonly |
| usage_count | count of number of items of capacity_type | integer | Readonly |
CapacityUsageMetaInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| last_updated_timestamp | Timestamp at which capacity usage was last calculated | EpochMsTimestamp | Required |
| max_global_threshold_percentage | Maximum global threshold percentage Indicates the maximum global threshold percentage |
number | Required |
| min_global_threshold_percentage | Minimum global threshold percentage Indicates the minimum global threshold percentage |
number | Required |
CapacityUsageRequestParameters (schema)
Parameter to force inline calculation.
| Name | Description | Type | Notes |
|---|---|---|---|
| category | Category of attributes for which capacity details need to be fetched.
Supported categories are security, inventory, networking and system. User can provide comma separated list of multiple categories. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| force | Parameter to force inline calculation instead of retrieving
cached results. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CapacityUsageResponse (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| capacity_usage | List of capacity usage for NSX Objects | array of CapacityDashboardUsage | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| meta_info | Meta data for capacity usage statistics | object | Required |
| resource_type | Must be set to the value CapacityUsageResponse | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unreported_usage_types | Unreported usage types Types for which usage data was not reported |
array of string |
CbmClusterNode (schema)
Cluster Node Properties
This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| entities | Entities on the node Entities on the node. |
array of CbmClusterNodeEntity | Required |
| id | Unique identifier of this resource | string | Sortable |
| node_uuid | UUID of the node UUID of the node. |
string | Required |
| resource_type | Must be set to the value CbmClusterNode | string | |
| status | Current clustering status of the node Current clustering status of the node. |
string | Enum: JOINING, JOINED, REMOVING, REMOVED Default: "REMOVED" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CbmClusterNodeEntity (schema)
Cluster Node Entity Properties
NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | Public certificate in PEM format Public certificate of the entity in PEM format. |
string | Required |
| entity_type | Type of the entity Type of the entity. |
EntityType | Required |
| entity_uuid | UUID of the entity UUID of the entity. |
string | Required |
| fqdn | Domain name Domain name the entity binds to. |
string | Format: hostname |
| ip_address | IP address of entity IP address the entity binds to. |
string | |
| ipv6_address | IPv6 address of entity IPv6 address the entity binds to. |
string | |
| ipv6_subnet_prefix_length | IPv6 subnet mask prefix length IPv6 subnet mask prefix length of the entity binds to. |
integer | Minimum: 0 Maximum: 128 |
| port | Port number Port the entity binds to. |
integer | Minimum: 0 Maximum: 65535 |
| subnet_prefix_length | IPv4 subnet mask prefix length IPv4 subnet mask prefix length of the entity binds to. |
integer | Minimum: 0 Maximum: 32 |
CdpStatusType (schema)
Status types supported of the CrlDistributionPoint
| Name | Description | Type | Notes |
|---|---|---|---|
| CdpStatusType | Status types supported of the CrlDistributionPoint | string | Enum: NOT_READY, FETCHING, READY, ERROR |
CentralConfigProperties (schema)
Central Config properties
| Name | Description | Type | Notes |
|---|---|---|---|
| local_override | Override Central Config | boolean | Required |
CentralNodeConfigProfile (schema)
Central Node Config Profile
Central Node Config profile for NSX nodes. This set of properties will be pushed to NSX Manager and Edge nodes. SNMP properties will be pushed to KVM Hypervisors in addition to Manager and Edge nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ntp | NTP service properties NTP service properties for NSX nodes. Ntp is null by default. If the ntp property is not specified or is set to null, the ntp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing ntp setting on each node will remain as is. |
NtpProperties | |
| resource_type | Must be set to the value CentralNodeConfigProfile | string | |
| snmp | SNMP service properties SNMP service properties for NSX nodes. Snmp is null by default. If the snmp property is not specified or is set to null, the snmp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing snmp setting on each node will remain as is. |
SnmpProperties | |
| syslog | Syslog service properties Syslog service properties for NSX nodes. Syslog is null by default. If the syslog property is not specified or is set to null, the syslog property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing syslog setting on each node will remain as is. |
SyslogProperties | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| timezone | Timezone Timezone to be set for NSX nodes. Only timezone strings listed in the Time Zone database (https://www.iana.org/time-zones) are allowed. Timezone is null by default. If the timezone property is not specified or is set to null, the timezone property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing timezone setting on each node will remain as is. |
string |
CentralNodeConfigProfileGetRequestParams (schema)
GET request parameters for Central Node Config profile
This object includes GET request parameter to indicate whether sensitive data should be returned for a central Central Node Config profile.
| Name | Description | Type | Notes |
|---|---|---|---|
| show_sensitive_data | Show sensitive data in Central Node Config profile If set to true, Central Node Config profile includes sensitive data properties like SNMP community strings if any applicable. Note that passwords are never returned. Default set to false. |
boolean | Default: "False" |
CentralNodeConfigProfileListResult (schema)
List of Central Node Config profiles
Paged collection of Central Node Config profiles.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Central Node Config profiles | array of CentralNodeConfigProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Certificate (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| category | Category Different categories of certificates to distinguish stored certificates. 'APPLIANCE_CERTIFICATE' are certs used by this cluster. 'PRINCIPAL_IDENTITY_CERTIFICATE' used by LM and GM for mutual auth. 'SITE_CERTIFICATE' are certificate of different sites. 'UNUSED_CERTIFICATE' are certs which are not applied yet. 'POLICY_CERTIFICATE' used for external services. 'OTHER_CERTIFICATE' is category for any certificate which is not identified. |
string | Readonly Enum: OTHER_CERTIFICATE, APPLIANCE_CERTIFICATE, PRINCIPAL_IDENTITY_CERTIFICATE, SITE_CERTIFICATE, UNUSED_CERTIFICATE, POLICY_CERTIFICATE |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| details | List of X509Certificates. | array of X509Certificate | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| has_private_key | Whether we have the private key for this certificate. | boolean | Required Readonly Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| leaf_certificate_sha_256_thumbprint | Certificate thumbprint Unique SHA-256 thumbprint of the leaf node certificate. |
string | Readonly |
| pem_encoded | PEM encoded certificate data. | string | Required |
| purpose | Purpose of this certificate. Can be empty or set to "signing-ca". | string | Enum: signing-ca |
| resource_type | Must be set to the value Certificate | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| used_by | List of node IDs with services, that are using this certificate. | array of NodeIdServicesMap | Readonly |
CertificateBinding (schema)
Certificate binding
Details on applied certificate.
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Certificate Id | string | Required Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| node_id | Node Id Node Id to which this certificate is applied to. |
string | |
| service_type | Service Type Service Type of the CertificateProfile to which the certificate is applied to. |
ServiceType | Required |
CertificateCheckingStatus (schema)
Result of checking a certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Error Message Error message when checking the certificate. |
string | Readonly |
| status | Status Status of the checked certificate. |
CertificateCheckingStatusType | Required Readonly |
CertificateCheckingStatusType (schema)
Status types returned when checking a certificate
| Name | Description | Type | Notes |
|---|---|---|---|
| CertificateCheckingStatusType | Status types returned when checking a certificate | string | Enum: OK, CRL_NOT_READY, REJECTED, ERROR |
CertificateClass (schema)
Certificate Class
| Name | Description | Type | Notes |
|---|---|---|---|
| CertificateClass | Certificate Class | string | Enum: REST, RPC, CBM, FEDERATION |
CertificateData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| pem_encoded | PEM encoded certificate data PEM encoded certificate data. |
string | Required |
| private_key | Private key of certificate Private key of certificate. |
secure_string | Required |
CertificateId (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Certificate ID | string | Required Readonly |
CertificateKeyPair (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate | SecurityCertificate | Required | |
| rsa_private_key | PEM encoded RSA private key The private key must include the enclosing "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----". An empty string is returned in read responses. |
string | Required Minimum length: 60 |
CertificateList (schema)
Certificate queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Certificate list. | array of Certificate | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CertificateOperationStatus (schema)
Status of a certificate operation
| Name | Description | Type | Notes |
|---|---|---|---|
| affected_services | Affected services A comma-separated list of services that may be affected or interrupted when this certificate operation occurs. |
string | Readonly |
| certificate_id | Certificate Id | string | Required Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| certificate_name | Name of the new certificate. Required field presenting new certificate name in certificate replacement operation, or the certificate to be deleted. |
string | Required Readonly Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| end_time | End time The end time of this certificate operation in epoch milliseconds |
EpochMsTimestamp | Readonly |
| estimated_duration | Estimated duration Estimated time duration in seconds for this certificate operation. |
integer | Readonly |
| id | Unique ID of the operation. | string | Required Readonly Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| message | Message Localized text explaining the details of the error or deprecation warning and remedial steps to be taken. |
string | Readonly |
| node_id | Node Id Node Id to which this certificate is applied to. |
string | |
| old_certificate_id | Id of the old certificate Optional field presenting old certificate id in certificate replacement operation. |
string | Readonly Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| old_certificate_name | Name of the old certificate Optional field presenting old certificate name in certificate replacement operation. |
string | Readonly Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| operation_type | Operation Type Type of operation used for the batch. |
string | Required Readonly Enum: REPLACE, DELETE |
| service_type | Service Type Service Type of the CertificateProfile to which the certificate is applied to. |
ServiceType | Required |
| start_time | Start time The start time of this certificate operation in epoch milliseconds |
EpochMsTimestamp | Readonly |
| status | Status Status of this certificate operation |
string | Required Readonly Enum: OK, ERROR, PENDING, ABORTED |
CertificateProfile (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| abort_on_error | Abort when there's an error If this field is true, the certificate batch operation would be aborted if an error occurs during the replacement operation for this certificate profile. |
boolean | Readonly |
| affected_services | Affected Services A comma-separated list of service names that may be affected/interrupted when replacing the certificate for this service-type. |
string | Readonly |
| certificate_class | Category Service-types that are in a 'class'' cannot be share a certificate with a service in another 'class'. |
CertificateClass | Readonly |
| cluster_certificate | Cluster Certificate True if this is for a cluster certificate |
boolean | Required Readonly |
| deprecated_in_version | Deprecated in version Version in which this certificate profile was deprecated. |
string | Readonly |
| description | Description A longer description what the service-type is used for. |
string | Readonly |
| extended_key_usage | Extended Key Usage Indicating whether this certificate is used for server-auth, client-auth or both. |
array of CertificateUsageType | Required Readonly |
| node_type | Node Type List of types of node this certificate applies to. |
array of NodeType | Required Readonly |
| processing_order | Processing Order The order in which service-type certificates are replaced in a batch-replace. |
integer | Readonly |
| profile_name | Certificate Profile Name | string | Required Readonly |
| replacement_duration | Processing Duration The estimated amount of time it takes to replace the certificate for this service-type, in seconds. |
integer | Readonly |
| requires_private_key | Requires Private Key True if this certificate needs a private key. |
boolean | Required Readonly |
| service_type | Unique Service Type A short and unique name for the type of service this certificate is used for. |
ServiceType | Required Readonly |
| summary | Summary A short phrase what this service-type is for. |
string | Readonly |
| unique_use | Unique Use True if the certificate used for this service-type cannot be used anywhere else. |
boolean | Required Readonly |
CertificateProfileListResult (schema)
CertificateProfile query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CertificateProfile list. | array of CertificateProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CertificateRenewalParameters (schema)
Parameters that affect how certificate renewals are processed
| Name | Description | Type | Notes |
|---|---|---|---|
| force | Force renewal of certificates
If true, perform certificate renewal even if blocked. |
boolean | Default: "False" |
CertificateReplacementConfig (schema)
Configuration for a certificate replacement operation
| Name | Description | Type | Notes |
|---|---|---|---|
| new_certificate_id | Id of the new certificate Id of the certificate which will replace the old certificate. This is optional field. If not specified, and if the old certificate is a self-signed certificate, a fresh self-signed will be generated with identical attributes as the old certificate. |
string | Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
| old_certificate_id | Id of the old certificate Id of the currently used certificate which needs to be replaced. |
string | Required Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$" |
CertificateUsageType (schema)
Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER
| Name | Description | Type | Notes |
|---|---|---|---|
| CertificateUsageType | Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER | string | Enum: SERVER, CLIENT |
CertificatesBatchOperationResult (schema)
Result of certificates batch operation
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| end_time | End time The end time of this certificate batch operation in epoch milliseconds |
EpochMsTimestamp | Readonly |
| pending_estimated_duration | Pending estimated duration Sum of estimated duration of pending certificate operations. |
integer | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Batch results List of certificate operation statuses. |
array of CertificateOperationStatus | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
| start_time | Start time The start time of this certificate batch operation in epoch milliseconds |
EpochMsTimestamp | Readonly |
| total_estimated_duration | Total estimated duration Sum of estimated duration of all certificate operations. |
integer | Readonly |
CertificatesBatchReplacementRequest (schema)
Request for batch replacement of certificates
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_replacements | List of certificate replacement operation configurations. | array of CertificateReplacementConfig | Required |
CheckpointCounter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| checkpoint_type | Type of checkpoint Type of Livetrace checkpoint. UNKNOWN - Unknown checkpoint. PORT_INPUT - Received by a port on slowpath. The first slowpath checkpoint is encountered when the packet enters a certain port. For a certain port, a series of subsequent checkpoints is usually encountered after the packet traverses through PORT_INPUT. PORT_OUTPUT - Forwarded to a port on slowpath. The last slowpath checkpoint is encountered when the packet left a certain port. For a certain port, a series of checkpoints is usually encountered before the packet traverses through PORT_OUTPUT. SPOOFGUARD_INPUT - Received by slowpath Spoofguard service. This checkpoint should be encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. SPOOFGUARD_OUTPUT - Forwarded from slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. SPOOFUGARD_DROP - Dropped by slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. DFW_INPUT - Received by slowpath DFW service. This checkpoint should be encountered encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. This checkpoint should after SPOOFGUARD related checkpoints, if they exist. DFW_OUTPUT - Forwarded from slowpath DFW service. This checkpoint should be encountered after DFW_INPUT. DFW_DROP - Dropped by slowpath DFW service.This checkpoint should be encountered after DFW_INPUT. UPLINK_INPUT - Ingressed via an uplink port on slowpath. The first slowpath checkpoint is encountered when the packet ingress from external network via an uplink. UPLINK_OUTPUT - Egressed via an uplink port on slowpath. The last slowpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_PORT_INPUT - Received by a port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet enters a certain port. ENS_PORT_OUTPUT - Forwarded to a port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet left a certain port. ENS_UPLINK_INPUT - Ingressed via an uplink port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet ingress from external network via an uplink. ENS_UPLINK_OUTPUT - Egressed via an uplink port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_DFW_INPUT - Received by ENS fastpath DFW service. This checkpoint should be encountered after ENS_PORT_INPUT. ENS_DFW_OUTPUT - Forwarded from ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ENS_DFW_DROP - Dropped by ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ROUTER_DROP - Dropped by slowpath router service. This checkpoint should be encountered after PORT_INPUT. |
string | Required Readonly Enum: UNKNOWN, PORT_INPUT, PORT_OUTPUT, SPOOFGUARD_INPUT, SPOOFGUARD_OUTPUT, SPOOFGUARD_DROP, DFW_INPUT, DFW_OUTPUT, DFW_DROP, UPLINK_INPUT, UPLINK_OUTPUT, ENS_PORT_INPUT, ENS_PORT_OUTPUT, ENS_UPLINK_INPUT, ENS_UPLINK_OUTPUT, ENS_DFW_INPUT, ENS_DFW_OUTPUT, ENS_DFW_DROP, ROUTER_DROP |
| count | Packet count The number of packets traversed by this checkpoint. The packet connectivity issue can be discovered by comparing the count value of different checkpoints. |
integer | Required Readonly |
CheckpointCounterResult (schema)
Checkpoint counter result
The packets that only have the count action (other permutations such as trace + pktcap or count + trace/pktcap cannot) can traverse through the ENS fastpath. Therefore, two checkpoint results from ENS fastpath and slowpath are listed below.
| Name | Description | Type | Notes |
|---|---|---|---|
| ens_checkpoints_result | Counter result from ENS checkpoints The counter result from ENS checkpoints |
array of CheckpointCounter | Readonly |
| non_ens_checkpoints_result | Counter result from non ENS checkpoints The counter result from non ENS checkpoints |
array of CheckpointCounter | Readonly |
ChildAntreaTraceflowConfig (schema)
Wrapper object for AnteaTraceflowConfig
Child wrapper for AntreaTraceflowConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TraceflowConfig | AntreaTraceflowConfig Contains the actual AntreaTraceflowConfig object. |
AntreaTraceflowConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildAntreaTraceflowConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBfdProfile (schema)
Wrapper object for BfdProfile
Child wrapper for BfdProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BfdProfile | Bfd Profile Contains the actual BfdProfile object. |
BfdProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBfdProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBgpNeighborConfig (schema)
Wrapper object for BgpNeighborConfig
Child wrapper object for BgpNeighborConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BgpNeighborConfig | BgpNeighborConfig Contains the actual BgpNeighborConfig object. |
BgpNeighborConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBgpNeighborConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildBgpRoutingConfig (schema)
Wrapper object for BgpRoutingConfig
Child wrapper object for BgpRoutingConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BgpRoutingConfig | BgpRoutingConfig Contains the actual BgpRoutingConfig object. |
BgpRoutingConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildBgpRoutingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildByodPolicyServiceInstance (schema)
Wrapper object for ByodPolicyServiceInstance
Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ByodPolicyServiceInstance | ByodPolicyServiceInstance Contains actual ByodPolicyServiceInstance. |
ByodPolicyServiceInstance | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildByodPolicyServiceInstance | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCaBundle (schema)
Child wrapper for CA certificates bundle, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| CaBundle | CaBundle Contains the actual CaBundle object. |
CaBundle | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCaBundle | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunicationEntry (schema) (Deprecated)
Wrapper object for CommunicationEntry
Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunicationEntry | CommunicationEntry Contains the actual CommunicationEntry object. |
CommunicationEntry | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunicationEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunicationMap (schema) (Deprecated)
Wrapper object for CommunicationMap
Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunicationMap | CommunicationMap Contains the actual CommunicationMap object. |
CommunicationMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunicationMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildCommunityList (schema)
Wrapper object for CommunityList
Child wrapper object for CommunityList, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| CommunityList | CommunityList Contains the actual CommunityList object |
CommunityList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildCommunityList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildComputeClusterIdfwConfiguration (schema)
Wrapper object for ComputeClusterIdfwConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| ComputeClusterIdfwConfiguration | ComputeClusterIdfwConfiguration Contains the actual compute cluster idfw configuration object. |
ComputeClusterIdfwConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildComputeClusterIdfwConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildConstraint (schema)
Wrapper object for Constraint
Child wrapper object for Constraint, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Constraint | Constraint Contains the actual Constraint object |
Constraint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildConstraint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildConstraintGlobalConfig (schema)
Wrapper object for ConstraintGlobalConfig
Child wrapper object for ConstraintGlobalConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalConfig | ConstraintGlobalConfig Settings to Constraint global configs in NSX/NSX+ application platform. |
ConstraintGlobalConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildConstraintGlobalConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDeploymentZone (schema) (Deprecated)
Wrapper object for DeploymentZone
Child wrapper object for DeploymentZone, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DeploymentZone | DeploymentZone Contains the actual DeploymentZone object |
DeploymentZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDeploymentZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDfwFirewallConfiguration (schema) (Experimental)
Wrapper object for FirewallConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| DfwFirewallConfiguration | Dfw Firewall Configuration Contains the actual dfw firewall configuration list object. |
DfwFirewallConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDfwFirewallConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpRelayConfig (schema)
Wrapper object for DhcpRelayConfig
Child wrapper object for DhcpRelayConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpRelayConfig | DhcpRelayConfig Contains the actual DhcpRelayConfig object |
DhcpRelayConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpRelayConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpServerConfig (schema)
Wrapper object for DhcpServerConfig
Child wrapper object for DhcpServerConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpServerConfig | DhcpServerConfig Contains the actual DhcpServerConfig object |
DhcpServerConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpServerConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDhcpStaticBindingConfig (schema)
Wrapper object for DhcpStaticBindingConfig
Child wrapper for DhcpStaticBindingConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| DhcpStaticBindingConfig | DhcpStaticBindingConfig Contains the actual DhcpStaticBindingConfig object. |
DhcpStaticBindingConfig (Abstract type: pass one of the following concrete types) DhcpV4StaticBindingConfig DhcpV6StaticBindingConfig |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDhcpStaticBindingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDnsSecurityProfile (schema)
Wrapper object for DnsSecurityProfile
Child wrapper object for DnsSecurityProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DnsSecurityProfile | DnsSecurityProfile Contains the actual DnsSecurityProfile object |
DnsSecurityProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDnsSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDnsSecurityProfileBindingMap (schema)
Wrapper object for DnsSecurityProfileBindingMap
Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| DnsSecurityProfileBindingMap | DnsSecurityProfileBindingMap Contains the actual DnsSecurityProfileBindingMap object |
DnsSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDnsSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDomain (schema)
Wrapper object for Domain
Child wrapper object for domain, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Domain | Domain Contains the actual domain object. |
Domain | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDomain | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildDomainDeploymentMap (schema)
Wrapper object for DomainDeploymentMap
Child wrapper object for DomainDeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| DomainDeploymentMap | DomainDeploymentMap Contains the actual DomainDeploymentMap object. |
DomainDeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildDomainDeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEndpointPolicy (schema)
Wrapper object for Endpoint Policy
Child wrapper object for EndpointPolicy used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EndpointPolicy | EndpointPolicy Contains actual EndpointPolicy. |
EndpointPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEndpointPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEndpointRule (schema)
Wrapper object for Endpoint Rule
Child wrapper object for EndpointRule used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EndpointRule | EndpointRule Contains actual EndpointRule. |
EndpointRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEndpointRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEnforcementPoint (schema)
Wrapper object for EnforcementPoint
Child wrapper object for EnforcementPoint, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EnforcementPoint | EnforcementPoint Contains the actual Enforcement point object. |
EnforcementPoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEnforcementPoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEvpnConfig (schema)
Wrapper object for EvpnConfig
Child wrapper object for EvpnConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EvpnConfig | EvpnConfig Contains the actual EvpnConfig object. |
EvpnConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEvpnConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildEvpnTunnelEndpointConfig (schema)
Wrapper object for EvpnTunnelEndpointConfig
Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| EvpnTunnelEndpointConfig | EvpnTunnelEndpointConfig Contains the actual EvpnTunnelEndpointConfig object. |
EvpnTunnelEndpointConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildEvpnTunnelEndpointConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFloodProtectionProfile (schema)
Wrapper object for FloodProtectionProfile
Child wrapper object for FloodProtectionProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FloodProtectionProfile | FloodProtectionProfile Contains the actual FloodProtectionProfile object |
FloodProtectionProfile (Abstract type: pass one of the following concrete types) DistributedFloodProtectionProfile GatewayFloodProtectionProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFloodProtectionProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFloodProtectionProfileBindingMap (schema)
Wrapper object for FloodProtectionProfileBindingMap
Child wrapper object for FloodProtectionProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FloodProtectionProfileBindingMap | FloodProtectionProfileBindingMap Contains the actual FloodProtectionProfileBindingMap object |
FloodProtectionProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFloodProtectionProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildForwardingPolicy (schema) (Deprecated)
Wrapper object for children of type ForwardingPolicy
Child wrapper object for ForwardingPolicy used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ForwardingPolicy | ForwardingPolicy Contains actual ForwardingPolicy. |
ForwardingPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildForwardingPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildForwardingRule (schema) (Deprecated)
Wrapper object for ForwardingRule
Child wrapper object for ForwardingRule used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ForwardingRule | ForwardingRule Contains actual ForwardingRule. |
ForwardingRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildForwardingRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildFqdnAnalysisConfig (schema)
Wrapper object for FqdnAnalysisConfig
Child wrapper object for FqdnAnalysisConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| FqdnAnalysisConfig | FQDN Analysis Config Contains the actual FqdnAnalysisConfig object |
FqdnAnalysisConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildFqdnAnalysisConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGatewayPolicy (schema)
Wrapper object for GatewayPolicy
Child wrapper object for GatewayPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GatewayPolicy | GatewayPolicy Contains the actual GatewayPolicy object |
GatewayPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGatewayPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGatewayQosProfile (schema)
Wrapper object for GatewayQosProfile
Child wrapper for GatewayQosProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| GatewayQosProfile | GatewayQosProfile Contains the actual GatewayQosProfile object. |
GatewayQosProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGatewayQosProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGeneralSecurityProfile (schema)
Wrapper object for GeneralSecurityProfile
Child wrapper object for GeneralSecurityProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GeneralSecurityProfile | GeneralSecurityProfile Contains the actual GeneralSecurityProfile object |
GeneralSecurityProfile (Abstract type: pass one of the following concrete types) GatewayGeneralSecurityProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGeneralSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGeneralSecurityProfileBindingMap (schema)
Wrapper object for GeneralSecurityProfileBindingMap
Child wrapper object for GeneralSecurityProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GeneralSecurityProfileBindingMap | GeneralSecurityProfileBindingMap Contains the actual GeneralSecurityProfileBindingMap object |
GeneralSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGeneralSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalConfig (schema)
Wrapper object for GlobalConfig
Child wrapper object for GlobalConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalConfig | GlobalConfig Contains the actual GlobalConfig object. |
GlobalConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalDfwConfiguration (schema) (Experimental)
Wrapper object for GlobalDfwConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalDfwConfiguration | Global distributed firewall configuration Contains the actual global distributed firewall configuration object. |
GlobalDfwConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalDfwConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalIdsSettings (schema)
Wrapper object for GlobalIdsSettings
Child wrapper object for GlobalIdsSettings, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalIdsSettings | GlobalIdsSettings Contains the GlobalIdsSettings object |
GlobalIdsSettings | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalIdsSettings | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalIdsSignature (schema)
Wrapper object for GlobalIdsSignature
Child wrapper object for GlobalIdsSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalIdsSignature | GlobalIdsSignature Contains the GlobalIdsSignature object |
GlobalIdsSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalIdsSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGlobalManager (schema)
Wrapper object for Global Manager
Child wrapper object for Global Manager, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalManager | GlobalManager Contains the actual Global Manager object. |
GlobalManager | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGlobalManager | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroup (schema)
Wrapper object for Group
Child wrapper object for group, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Group | Group Contains the actual group objects. |
Group | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroupDiscoveryProfileBindingMap (schema)
Wrapper object for GroupDiscoveryProfileBindingMap
Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GroupDiscoveryProfileBindingMap | GroupDiscoveryProfileBindingMap Contains the actual GroupDiscoveryProfileBindingMap object |
GroupDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroupDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildGroupMonitoringProfileBindingMap (schema)
Wrapper object for GroupMonitoringProfileBindingMap
Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GroupMonitoringProfileBindingMap | GroupMonitoringProfileBindingMap Contains the actual GroupMonitoringProfileBindingMap object |
GroupMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildGroupMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildHostTransportNode (schema)
Wrapper object for Host Transport Node
Child wrapper for Host Transport Node, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| HostTransportNode | Host Transport Node Contains the actual Host Transport Node object. |
HostTransportNode | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildHostTransportNode | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildHostTransportNodeCollection (schema)
Wrapper object for Transport Node Collection
Child wrapper for Transport Collection, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| HostTransportNodeCollection | Transport Node Collection Contains the actual Transport Node Collection object. |
HostTransportNodeCollection | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildHostTransportNodeCollection | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPDiscoveryProfile (schema)
Wrapper object for IPDiscoveryProfile
Child wrapper object for IPDiscoveryProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPDiscoveryProfile | IPDiscoveryProfile Contains the actual IPDiscoveryProfile object |
IPDiscoveryProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPDiscoveryProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXDFWCollectorProfile (schema)
Wrapper object for IPFIXDFWCollectorProfile
Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXDFWCollectorProfile | IPFIXDFWCollectorProfile Contains the actual IPFIXDFWCollectorProfile object |
IPFIXDFWCollectorProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXDFWCollectorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXDFWProfile (schema)
Wrapper object for IPFIXDFWProfile
Child wrapper object for IPFIXDFWProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXDFWProfile | IPFIXDFWProfile Contains the actual IPFIXDFWProfile object |
IPFIXDFWProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXDFWProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXL2CollectorProfile (schema)
Wrapper object for IPFIXL2CollectorProfile
Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXL2CollectorProfile | IPFIXL2CollectorProfile Contains the actual IPFIXL2CollectorProfile object |
IPFIXL2CollectorProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXL2CollectorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPFIXL2Profile (schema)
Wrapper object for IPFIXL2Profile
Child wrapper object for IPFIXL2Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IPFIXL2Profile | IPFIXL2Profile Contains the actual IPFIXL2Profile object |
IPFIXL2Profile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPFIXL2Profile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnDpdProfile (schema)
Wrapper object for IPSecVpnDpdProfile
Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnDpdProfile | IPSecVpnDpdProfile Contains the actual IPSecVpnDpdProfile object. |
IPSecVpnDpdProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnDpdProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnIkeProfile (schema)
Wrapper object for IPSecVpnIkeProfile
Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnIkeProfile | IPSecVpnIkeProfile Contains the actual IPSecVpnIkeProfile object. |
IPSecVpnIkeProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnIkeProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnLocalEndpoint (schema)
Wrapper object for IPSecVpnLocalEndpoint
Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnLocalEndpoint | IPSecVpnLocalEndpoint Contains the actual IPSecVpnLocalEndpoint object. |
IPSecVpnLocalEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnLocalEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnService (schema)
Wrapper object for IPSecVpnService
Child wrapper object for IPSecVpnService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnService | IPSecVpnService Contains the actual IPSecVpnService object. |
IPSecVpnService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnSession (schema)
Wrapper object for IPSecVpnSession
Child wrapper object for IPSecVpnSession, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnSession | IPSecVpnSession Contains the actual IPSecVpnSession object. |
IPSecVpnSession (Abstract type: pass one of the following concrete types) PolicyBasedIPSecVpnSession RouteBasedIPSecVpnSession |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnSession | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIPSecVpnTunnelProfile (schema)
Wrapper object for IPSecVpnTunnelProfile
Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IPSecVpnTunnelProfile | IPSecVpnTunnelProfile Contains the actual IPSecVpnTunnelProfile object |
IPSecVpnTunnelProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIPSecVpnTunnelProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdentityFirewallStore (schema)
Wrapper object for IdentityFirewallStore
Child wrapper for IdentityFirewallStore, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IdentityFirewallStore | IdentityFirewallStore Contains the actual IdentityFirewallStore object. |
IdentityFirewallStore (Abstract type: pass one of the following concrete types) IdentityFirewallAdStore |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdentityFirewallStore | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsClusterConfig (schema)
Wrapper object for IdsClusterConfig
Child wrapper object for IdsClusterConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsClusterConfig | IdsClusterConfig Contains the IdsClusterConfig object |
IdsClusterConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsClusterConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsCustomSignatureSettings (schema)
Wrapper object for IdsCustomSignatureSettings
Child wrapper object for IdsCustomSignatureSettings, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsCustomSignatureSettings | IdsCustomSignatureSettings Contains the IdsCustomSignatureSettings object |
IdsCustomSignatureSettings | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsCustomSignatureSettings | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsGatewayPolicy (schema)
Wrapper object for IdsGatewayPolicy
Child wrapper object for IdsGatewayPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsGatewayPolicy | IdsGatewayPolicy Contains the IdsGatewayPolicy object |
IdsGatewayPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsGatewayPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsGlobalEventConfig (schema)
Wrapper object for IdsGlobalEventConfig
Child wrapper object for IdsGlobalEventConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsGlobalEventConfig | IdsGlobalEventConfig Contains the IdsGlobalEventConfig object |
IdsGlobalEventConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsGlobalEventConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsPcapFileMetadata (schema)
Wrapper object for IdsPcapFileMetadata
Child wrapper object for IdsPcapFileMetadata, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsPcapFileMetadata | IdsPcapFileMetadata Contains the IdsPcapFileMetadata object |
IdsPcapFileMetadata | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsPcapFileMetadata | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsProfile (schema)
Wrapper object for IdsProfile
Child wrapper object for IdsProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsProfile | IdsProfile Contains the IdsProfile object |
IdsProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsRule (schema)
Wrapper object for IdsRule
Child wrapper object for IdsRule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsRule | IdsRule Contains the IdsRule object |
IdsRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSecurityPolicy (schema)
Wrapper object for IdsSecurityPolicy
Child wrapper object for IdsSecurityPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSecurityPolicy | IdsSecurityPolicy Contains the IdsSecurityPolicy object |
IdsSecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSettings (schema)
Wrapper object for IdsSettings
Child wrapper object for IdsSettings, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSettings | IdsSettings Contains the IdsSettings object |
IdsSettings | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSettings | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSignature (schema)
Wrapper object for IdsSignature
Child wrapper object for IdsSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSignature | IdsSignature Contains the IdsSignature object |
IdsSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSignatureStatus (schema)
Wrapper object for IdsSignatureStatus
Child wrapper object for IdsSignatureStatus, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSignatureStatus | IdsSignatureStatus Contains the IdsSignatureStatus object |
IdsSignatureStatus | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSignatureStatus | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsSignatureVersion (schema)
Wrapper object for IdsSignatureVersion
Child wrapper object for IdsSignatureVersion, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsSignatureVersion | IdsSignatureVersion Contains the IdsSignatureVersion object |
IdsSignatureVersion | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsSignatureVersion | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsStandaloneHostConfig (schema)
Wrapper object for IdsStandaloneHostConfig
Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsStandaloneHostConfig | IdsStandaloneHostConfig Contains the IdsStandaloneHostConfig object |
IdsStandaloneHostConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsStandaloneHostConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIdsThresholdConfig (schema)
Wrapper object for IdsThresholdConfig
Child wrapper object for IdsThresholdConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| IdsThresholdConfig | IdsThresholdConfig Contains the IdsThresholdConfig object. |
IdsThresholdConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIdsThresholdConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildInfra (schema)
Wrapper object for Infra
Child wrapper object for Infra, used in multi-tenancy hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Infra | Infra Contains the actual Infra object |
Infra | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildInfra | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressAllocation (schema)
Wrapper object for IpAddressAllocation
Child wrapper object for IpAddressAllocation, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressAllocation | IpAddressAllocation Contains the actual IpAddressAllocation object |
IpAddressAllocation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressAllocation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressBlock (schema)
Wrapper object for IpAddressBlock
Child wrapper object for IpAddressBlock, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressBlock | IpAddressBlock Contains the actual IpAddressBlock object |
IpAddressBlock | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressBlock | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressPool (schema)
Wrapper object for IpAddressPool
Child wrapper object for IpAddressPool, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressPool | IpAddressPool Contains the actual IpAddressPool object |
IpAddressPool | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressPool | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpAddressPoolSubnet (schema)
Wrapper object for IpAddressPoolSubnet
Child wrapper object for IpAddressPoolSubnet, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| IpAddressPoolSubnet | IpAddressPoolSubnet Contains the actual IpAddressPoolSubnet object |
IpAddressPoolSubnet (Abstract type: pass one of the following concrete types) IpAddressPoolBlockSubnet IpAddressPoolStaticSubnet |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpAddressPoolSubnet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpv6DadProfile (schema)
Wrapper object for Ipv6DadProfile
Child wrapper object for Ipv6DadProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Ipv6DadProfile | Ipv6DadProfile Contains the actual Ipv6DadProfile objects |
Ipv6DadProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpv6DadProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildIpv6NdraProfile (schema)
Wrapper object for Ipv6NdraProfile
Child wrapper object for Ipv6NdraProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Ipv6NdraProfile | Ipv6NdraProfile Contains the actual Ipv6NdraProfile objects |
Ipv6NdraProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildIpv6NdraProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2BridgeEndpointProfile (schema)
Wrapper object for L2BridgeEndpointProfile
Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L2BridgeEndpointProfile | L2BridgeEndpointProfile Contains the actual L2BridgeEndpointProfile object |
L2BridgeEndpointProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2BridgeEndpointProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VPNService (schema)
Wrapper object for L2VPNService
Child wrapper object for L2VPNService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VPNService | L2VPNService Contains the actual L2VPNService object. |
L2VPNService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VPNService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VPNSession (schema)
Wrapper object for L2VPNSession
Child wrapper object for L2VPNSession, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VPNSession | L2VPNSession Contains the actual L2VPNSession object. |
L2VPNSession | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VPNSession | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2Vpn (schema) (Deprecated)
Wrapper object for L2Vpn
Child wrapper object for L2Vpn, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2Vpn | L2Vpn Contains the actual L2Vpn object. |
L2Vpn | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2Vpn | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL2VpnContext (schema) (Deprecated)
Wrapper object for L2VpnContext
Child wrapper object for L2VpnContext, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L2VpnContext | L2VpnContext Contains the actual L2VpnContext object. |
L2VpnContext | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL2VpnContext | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL3Vpn (schema) (Deprecated)
Wrapper object for L3Vpn
Child wrapper object for L3Vpn, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L3Vpn | L3Vpn Contains the actual L3Vpn object. |
L3Vpn | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL3Vpn | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL3VpnContext (schema) (Deprecated)
Wrapper object for L3VpnContext
Child wrapper object for L3VpnContext, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| L3VpnContext | L3VpnContext Contains the actual L3VpnContext object. |
L3VpnContext | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL3VpnContext | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL7AccessEntry (schema)
Wrapper object for L7 Access Entry
Child wrapper object for L7 Access Entry, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L7AccessEntry | L7 Access Entry Contains the actual L7 access entry object |
L7AccessEntry | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL7AccessEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildL7AccessProfile (schema)
Wrapper object for L7 Access Profile
Child wrapper object for L7 Access Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| L7AccessProfile | L7 access profile Contains the actual L7 access profile object |
L7AccessProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildL7AccessProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBAppProfile (schema)
Wrapper object for LBAppProfile
Child wrapper for LBAppProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBAppProfile | LBAppProfile Contains the actual LBAppProfile object. |
LBAppProfile (Abstract type: pass one of the following concrete types) LBFastTcpProfile LBFastUdpProfile LBHttpProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBAppProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBClientSslProfile (schema) (Deprecated)
Wrapper object for LBClientSslProfile
Child wrapper for LBClientSslProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBClientSslProfile | LBClientSslProfile Contains the actual LBClientSslProfile object. |
LBClientSslProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBClientSslProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBMonitorProfile (schema) (Deprecated)
Wrapper object for LBMonitorProfile
Child wrapper for LBMonitorProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBMonitorProfile | LBMonitorProfile Contains the actual LBMonitorProfile object. |
LBMonitorProfile (Abstract type: pass one of the following concrete types) LBActiveMonitor LBHttpMonitorProfile LBHttpsMonitorProfile LBIcmpMonitorProfile LBPassiveMonitorProfile LBTcpMonitorProfile LBUdpMonitorProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBMonitorProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBPersistenceProfile (schema)
Wrapper object for LBPersistenceProfile
Child wrapper for LBPersistenceProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBPersistenceProfile | LBPersistenceProfile Contains the actual LBPersistenceProfile object. |
LBPersistenceProfile (Abstract type: pass one of the following concrete types) LBCookiePersistenceProfile LBGenericPersistenceProfile LBSourceIpPersistenceProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBPersistenceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBPool (schema)
Wrapper object for LBPool
Child wrapper for LBPool, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBPool | LBPool Contains the actual LBPool object. |
LBPool | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBPool | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBServerSslProfile (schema) (Deprecated)
Wrapper object for LBServerSslProfile
Child wrapper for LBServerSslProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBServerSslProfile | LBServerSslProfile Contains the actual LBServerSslProfile object. |
LBServerSslProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBServerSslProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBService (schema)
Wrapper object for LBService
Child wrapper for LBService, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBService | LBService Contains the actual LBService object. |
LBService | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLBVirtualServer (schema)
Wrapper object for LBVirtualServer
Child wrapper for LBVirtualServer, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| LBVirtualServer | LBVirtualServer Contains the actual LBVirtualServer object. |
LBVirtualServer | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLBVirtualServer | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLiveTraceConfig (schema)
Wrapper object for LiveTraceConfig
Child wrapper for LiveTraceConfig for Hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| LiveTraceConfig | LiveTraceConfig The actual LiveTraceConfig object. |
LiveTraceConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLiveTraceConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildLocaleServices (schema)
Wrapper object for LocaleServices
Child wrapper object for LocaleServices, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| LocaleServices | LocaleServices Contains the actual LocaleServices object |
LocaleServices | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildLocaleServices | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMacDiscoveryProfile (schema)
Wrapper object for MacDiscoveryProfile
Child wrapper object for MacDiscoveryProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MacDiscoveryProfile | MacDiscoveryProfile Contains the actual MacDiscoveryProfile object |
MacDiscoveryProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMacDiscoveryProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMalwarePreventionProfile (schema)
Wrapper object for MalwarePreventionProfile
Child wrapper object for MalwarePreventionProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MalwarePreventionProfile | MalwarePreventionProfile Contains the MalwarePreventionProfile object |
MalwarePreventionProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMalwarePreventionProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMalwarePreventionSignature (schema)
Wrapper object for MalwarePreventionSignature
Child wrapper object for MalwarePreventionSignature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| MalwarePreventionSignature | MalwarePreventionSignature Contains the MalwarePreventionSignature object |
MalwarePreventionSignature | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMalwarePreventionSignature | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildMetadataProxyConfig (schema)
Wrapper object for MetadataProxyConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| MetadataProxyConfig | MetadataProxyConfig Contains the actual MetadataProxyConfig object. |
MetadataProxyConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildMetadataProxyConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOdsDynamicRunbookInstance (schema)
Wrapper object for OdsDynamicRunbookInstance
Child wrapper for OdsDynamicRunbookInstance for Hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| OdsDynamicRunbookInstance | OdsDynamicRunbookInstance The actual OdsDynamicRunbookInstance object. |
OdsDynamicRunbookInstance | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOdsDynamicRunbookInstance | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOdsRunbookInvocation (schema)
Wrapper object for OdsRunbookInvocation
Child wrapper for OdsRunbookInvocation for Hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| OdsRunbookInvocation | OdsRunbookInvocation The actual OdsRunbookInvocation object. |
OdsRunbookInvocation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOdsRunbookInvocation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOdsRunbookInvocationArtifactBatchRequest (schema)
Wrapper object for OdsRunbookInvocationArtifactBatchRequest
Child wrapper for OdsRunbookInvocationArtifactBatchRequest for Hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| OdsRunbookInvocation | OdsRunbookInvocationArtifactBatchRequest The actual OdsRunbookInvocationArtifactBatchRequest object. |
OdsRunbookInvocationArtifactBatchRequest | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOdsRunbookInvocationArtifactBatchRequest | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOpsGlobalConfig (schema)
Wrapper object for OpsGlobalConfig
Child wrapper object for OpsGlobalConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| GlobalConfig | OpsGlobalConfig Contains the actual OpsGlobalConfig object. |
OpsGlobalConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOpsGlobalConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOrg (schema)
Wrapper object for Org
Child wrapper object for Org, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Org | Org Contains the actual Org object |
Org | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOrg | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOrgRoot (schema)
Wrapper object for OrgRoot
Child wrapper object for OrgRoot, used in multi-tenancy hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| OrgRoot | OrgRoot Contains the actual OrgRoot object |
OrgRoot | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOrgRoot | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOspfAreaConfig (schema)
Wrapper object for OSPF routing config
Child wrapper object for OspfAreaConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| OspfAreaConfig | OspfAreaConfig Contains actual OspfAreaConfig. |
OspfAreaConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOspfAreaConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildOspfRoutingConfig (schema)
Wrapper object for OSPF routing config
Child wrapper object for OspfRoutingConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| OspfRoutingConfig | OspfRoutingConfig Contains actual OspfRoutingConfig. |
OspfRoutingConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildOspfRoutingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyConfigResource (schema)
Represents the desired state object as child resource
Represents an object on the desired state
This is an abstract type. Concrete child types:
ChildAntreaTraceflowConfig
ChildBfdProfile
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCaBundle
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDhcpStaticBindingConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildEvpnConfig
ChildEvpnTunnelEndpointConfig
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildFqdnAnalysisConfig
ChildGatewayPolicy
ChildGatewayQosProfile
ChildGeneralSecurityProfile
ChildGeneralSecurityProfileBindingMap
ChildGlobalDfwConfiguration
ChildGlobalIdsSettings
ChildGlobalIdsSignature
ChildGlobalManager
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildHostTransportNode
ChildHostTransportNodeCollection
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIdentityFirewallStore
ChildIdsClusterConfig
ChildIdsCustomSignatureSettings
ChildIdsGatewayPolicy
ChildIdsGlobalEventConfig
ChildIdsPcapFileMetadata
ChildIdsProfile
ChildIdsRule
ChildIdsSecurityPolicy
ChildIdsSettings
ChildIdsSignature
ChildIdsSignatureStatus
ChildIdsSignatureVersion
ChildIdsStandaloneHostConfig
ChildIdsThresholdConfig
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildL7AccessEntry
ChildL7AccessProfile
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLiveTraceConfig
ChildLocaleServices
ChildMacDiscoveryProfile
ChildMalwarePreventionProfile
ChildMalwarePreventionSignature
ChildMetadataProxyConfig
ChildOdsDynamicRunbookInstance
ChildOdsRunbookInvocation
ChildOdsRunbookInvocationArtifactBatchRequest
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallIpReputationConfig
ChildPolicyFirewallScheduler
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLatencyStatProfile
ChildPolicyNat
ChildPolicyNatRule
ChildPolicySIExcludeList
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPolicyTransportZoneProfile
ChildPolicyUrlCategorizationConfig
ChildPolicyVpcNatRule
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSIStatusConfiguration
ChildSecurityFeatures
ChildSecurityPolicy
ChildSegment
ChildSegmentConnectionBindingMap
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildShaDynamicPlugin
ChildShaPluginProfile
ChildShaPredefinedPlugin
ChildSite
ChildSpoofGuardProfile
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticMimeContent
ChildStaticRouteBfdPeer
ChildStaticRoutes
ChildTagBulkOperation
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0InterfaceGroup
ChildTier0RouteMap
ChildTier0SecurityFeatures
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTier1InterfaceGroup
ChildTlsCertificate
ChildTlsCrl
ChildTlsPolicy
ChildTlsProfile
ChildTlsRule
ChildTlsTrustData
ChildTraceflowConfig
ChildTunnel
ChildVMTagReplicationPolicy
ChildVirtualEndpoint
ChildVniPoolConfig
ChildVpcIpAddressAllocation
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyConfigResource | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyContextProfile (schema)
Wrapper object for PolicyContextProfile
Child wrapper object for PolicyContextProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyContextProfile | PolicyContextProfile Contains the actual PolicyContextProfile objects |
PolicyContextProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyContextProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyCustomAttributes (schema)
Wrapper object for PolicyCustomAttributes
Child wrapper object for PolicyCustomAttributes, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyCustomAttributes | PolicyCustomAttributes Contains the actual PolicyCustomAttributes objects |
PolicyCustomAttributes | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyCustomAttributes | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyDnsForwarder (schema)
Wrapper object for PolicyDnsForwarder
Child wrapper object for PolicyDnsForwarder, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyDnsForwarder | PolicyDnsForwarder Contains the actual PolicyDnsForwarder object |
PolicyDnsForwarder | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyDnsForwarder | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyDnsForwarderZone (schema)
Wrapper object for PolicyDnsForwarderZone
Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyDnsForwarderZone | PolicyDnsForwarderZone Contains the actual PolicyDnsForwarderZone object |
PolicyDnsForwarderZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyDnsForwarderZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyEdgeCluster (schema)
Wrapper object for PolicyEdgeCluster
Child wrapper object for PolicyEdgeCluster, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyEdgeCluster | PolicyEdgeCluster Contains the actual PolicyEdgeCluster object. |
PolicyEdgeCluster | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyEdgeCluster | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyEdgeNode (schema)
Wrapper object for PolicyEdgeNode
Child wrapper object for PolicyEdgeNode, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyEdgeNode | PolicyEdgeNode Contains the actual PolicyEdgeNode object. |
PolicyEdgeNode | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyEdgeNode | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyExcludeList (schema)
Wrapper object for PolicyExcludeList
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyExcludeList | PolicyExcludeList Contains the actual policy exclude list object. |
PolicyExcludeList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyExcludeList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallCPUMemThresholdsProfileBindingMap (schema)
Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap
Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap,
used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallCPUMemThresholdsProfileBindingMap | PolicyFirewallCPUMemThresholdsProfileBindingMap Contains the actual PolicyFirewallCPUMemThresholdsProfileBindingMap object. |
PolicyFirewallCPUMemThresholdsProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallCPUMemThresholdsProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallCpuMemThresholdsProfile (schema)
Wrapper object for PolicyFirewallCpuMemThresholdsProfile
Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in
hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallCpuMemThresholdsProfile | PolicyFirewallCpuMemThresholdsProfile Contains the actual PolicyFirewallCpuMemThresholdsProfile object |
PolicyFirewallCpuMemThresholdsProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallCpuMemThresholdsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallFloodProtectionProfileBindingMap (schema)
Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap
Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallFloodProtectionProfileBindingMap | PolicyFirewallFloodProtectionProfileBindingMap Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object |
PolicyFirewallFloodProtectionProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallFloodProtectionProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallIpReputationConfig (schema)
Wrapper object for PolicyFirewallIpReputationConfig
Child wrapper object for PolicyFirewallIpReputationConfig, used
in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallIpReputationConfig | IP reputation config Contains the actual PolicyFirewallIpReputationConfig object. |
PolicyFirewallIpReputationConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallIpReputationConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallScheduler (schema)
Wrapper object for PolicyFirewallScheduler
Child wrapper object for PolicyFirewallScheduler, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallScheduler | PolicyFirewallScheduler Contains the actual PolicyFirewallScheduler objects |
PolicyFirewallScheduler | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallScheduler | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallSessionTimerProfile (schema)
Wrapper object for PolicyFirewallSessionTimerProfile
Child wrapper object for PolicyFirewallSessionTimerProfile,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallSessionTimerProfile | PolicyFirewallSessionTimerProfile Contains the actual PolicyFirewallSessionTimerProfile object |
PolicyFirewallSessionTimerProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallSessionTimerProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyFirewallSessionTimerProfileBindingMap (schema)
Wrapper object for PolicyFirewallSessionTimerProfileBindingMap
Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyFirewallSessionTimerProfileBindingMap | PolicyFirewallSessionTimerProfileBindingMap Contains the actual PolicyFirewallSessionTimerProfileBindingMap object |
PolicyFirewallSessionTimerProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyFirewallSessionTimerProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyIgmpProfile (schema)
Wrapper object for PolicyIgmpProfile
Child wrapper object for PolicyIgmpProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyIgmpProfile | PolicyIgmpProfile Contains actual PolicyIgmpProfile. |
PolicyIgmpProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyIgmpProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyInterVrfRoutingConfig (schema)
Wrapper object for inter-vrf routing config
Child wrapper object for PolicyInterVrfRoutingConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyInterVrfRoutingConfig | PolicyInterVrfRoutingConfig Contains actual PolicyInterVrfRoutingConfig. |
PolicyInterVrfRoutingConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyInterVrfRoutingConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyLabel (schema)
Wrapper object for PolicyLabel
Child wrapper object for PolicyLabel, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyLabel | PolicyLabel Contains the actual PolicyLabel object |
PolicyLabel | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyLabel | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyLatencyStatProfile (schema)
Wrapper object for PolicyLatencyStatProfile
Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyLatencyStatProfile | PolicyLatencyStatProfile Contains the actual PolicyLatencyStatProfile object |
PolicyLatencyStatProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyLatencyStatProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyMulticastConfig (schema)
Wrapper object for PolicyMulticastConfig
Child wrapper object for PolicyMulticastConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyMulticastConfig | PolicyMulticastConfig Contains actual PolicyMulticastConfig. |
PolicyMulticastConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyMulticastConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyNat (schema)
Wrapper object for PolicyNat
Child wrapper object for PolicyNat, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyNat | PolicyNat Contains the actual PolicyNAT object |
PolicyNat | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyNat | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyNatRule (schema)
Wrapper object for PolicyNatRule
Child wrapper object for PolicyNatRule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyNatRule | PolicyNatRule Contains the actual PolicyNatRule object |
PolicyNatRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyNatRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyPimProfile (schema)
Wrapper object for PolicyPimProfile
Child wrapper object for PolicyPimProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyPimProfile | PolicyPimProfile Contains actual PolicyPimProfile. |
PolicyPimProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyPimProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicySIExcludeList (schema)
Wrapper object for PolicySIExcludeList
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicySIExcludeList | PolicySIExcludeList Contains the actual policy exclude list object. |
PolicySIExcludeList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicySIExcludeList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceChain (schema)
Wrapper object for PolicyServiceChain
Child wrapper object for PolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceChain | PolicyServiceChain Contains actual PolicyServiceChain. |
PolicyServiceChain | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceChain | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceInstance (schema)
Wrapper object for PolicyServiceInstance
Child wrapper object for PolicyServiceInstance used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceInstance | PolicyServiceInstance Contains actual PolicyServiceInstance. |
PolicyServiceInstance | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceInstance | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyServiceProfile (schema)
Wrapper object for PolicyServiceProfile
Child wrapper object for PolicyServiceProfile used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyServiceProfile | PolicyServiceProfile Contains actual PolicyServiceProfile. |
PolicyServiceProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyServiceProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTier1MulticastConfig (schema)
Wrapper object for PolicyTier1MulticastConfig
Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTier1MulticastConfig | PolicyTier1MulticastConfig Contains actual PolicyTier1MulticastConfig. |
PolicyTier1MulticastConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTier1MulticastConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTransportZone (schema)
Wrapper object for PolicyTransportZone
Child wrapper object for PolicyTransportZone, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTransportZone | PolicyTransportZone Contains the actual PolicyTransportZone object. |
PolicyTransportZone | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTransportZone | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyTransportZoneProfile (schema)
Wrapper object for PolicyTransportZoneProfile
Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyTransportZoneProfile | PolicyTransportZoneProfile Contains the actual PolicyTransportZoneProfile object. |
PolicyTransportZoneProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyTransportZoneProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyUrlCategorizationConfig (schema)
Wrapper object for PolicyUrlCategorizationConfig
Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyUrlCategorizationConfig | URL Categorization Config Contains the actual PolicyUrlCategorizationConfig object |
PolicyUrlCategorizationConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyUrlCategorizationConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPolicyVpcNatRule (schema)
Wrapper object for PolicyVpcNatRule
Child wrapper object for PolicyVpcNatRule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicyVpcNatRule | Policy VPC Nat Rule Contains the actual Policy VPC Nat Rule object |
PolicyVpcNatRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPolicyVpcNatRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortDiscoveryProfileBindingMap (schema)
Wrapper object for PortDiscoveryProfileBindingMap
Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortDiscoveryProfileBindingMap | PortDiscoveryProfileBindingMap Contains the actual PortDiscoveryProfileBindingMap object |
PortDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortMirroringProfile (schema)
Wrapper object for PortMirroringProfile
Child wrapper object for PortMirroringProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortMirroringProfile | PortMirroringProfile Contains the actual PortMirroringProfile object |
PortMirroringProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortMirroringProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortMonitoringProfileBindingMap (schema)
Wrapper object for PortMonitoringProfileBindingMap
Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortMonitoringProfileBindingMap | PortMonitoringProfileBindingMap Contains the actual PortMonitoringProfileBindingMap object |
PortMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortQoSProfileBindingMap (schema)
Wrapper object for PortQoSProfileBindingMap
Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortQoSProfileBindingMap | PortQoSProfileBindingMap Contains the actual PortQoSProfileBindingMap object |
PortQoSProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortQoSProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPortSecurityProfileBindingMap (schema)
Wrapper object for PortSecurityProfileBindingMap
Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| PortSecurityProfileBindingMap | PortSecurityProfileBindingMap Contains the actual PortSecurityProfileBindingMap object |
PortSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPortSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildPrefixList (schema)
Wrapper object for PrefixList
Child wrapper object for PrefixList, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| PrefixList | PrefixList Contains the actual PrefixList object. |
PrefixList | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildPrefixList | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildProject (schema)
Wrapper object for PROJECT
Child wrapper object for Project, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Project | PROJECT Contains the actual Project object |
Project | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildProject | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildProjectRouteFilter (schema)
Wrapper object for project route filter
Child wrapper object for ProjectRouteFilter used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ProjectRouteFilter | ProjectRouteFilter Contains actual ProjectRouteFilter. |
ProjectRouteFilter | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildProjectRouteFilter | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildQoSProfile (schema)
Wrapper object for QoSProfile
Child wrapper object for QoSProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| QoSProfile | QoSProfile Contains the actual QoSProfile object |
QoSProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildQoSProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildReaction (schema)
Wrapper object for Reaction
Child wrapper object for Reaction used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Reaction | Reaction Contains the actual Reaction object. |
Reaction | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildReaction | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildRedirectionPolicy (schema)
Wrapper object for RedirectionPolicy
Child wrapper object for RedirectionPolicy used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| RedirectionPolicy | RedirectionPolicy Contains actual RedirectionPolicy. |
RedirectionPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRedirectionPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildRedirectionRule (schema)
Wrapper object for RedirectionRule
Child wrapper object for ChildRedirectionRule used in Hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| RedirectionRule | RedirectionRule Contains actual RedirectionRule. |
RedirectionRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRedirectionRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildResourceReference (schema)
Represents the reference to ChildPolicyConfigResource
Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildResourceReference | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_type | The target type of this reference | string | Required |
ChildRule (schema)
Wrapper object for Rule
Child wrapper object for Rule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Rule | Rule Contains the actual Rule object |
Rule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSIStatusConfiguration (schema) (Experimental)
Wrapper object for PolicySIStatusConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| PolicySIStatusConfiguration | Contains the actual service insertion status configuration list object.
|
PolicySIStatusConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSIStatusConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSecurityFeatures (schema)
Wrapper object for Security Feature
Child wrapper object for T1 Security Feature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SecurityFeatures | Security configs Contains the actual SecurityFeatures object |
SecurityFeatures | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSecurityFeatures | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSecurityPolicy (schema)
Wrapper object for SecurityPolicy
Child wrapper object for SecurityPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SecurityPolicy | SecurityPolicy Contains the actual SecurityPolicy object |
SecurityPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSecurityPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegment (schema)
Wrapper object for Segment
Child wrapper object for Segment, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Segment | Segment Contains the actual Segment object. |
Segment | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegment | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentConnectionBindingMap (schema)
Wrapper object for SegmentConnectionBindingMap
Child wrapper for SegmentConnectionBindingMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentConnectionBindingMap | Segment Connection Binding Map Contains the actual SegmentConnectionBindingMap object. |
SegmentConnectionBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentConnectionBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentDiscoveryProfileBindingMap (schema)
Wrapper object for SegmentDiscoveryProfileBindingMap
Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentDiscoveryProfileBindingMap | SegmentDiscoveryProfileBindingMap Contains the actual SegmentDiscoveryProfileBindingMap object |
SegmentDiscoveryProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentDiscoveryProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentMonitoringProfileBindingMap (schema)
Wrapper object for SegmentMonitoringProfileBindingMap
Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentMonitoringProfileBindingMap | SegmentMonitoringProfileBindingMap Contains the actual SegmentMonitoringProfileBindingMap object |
SegmentMonitoringProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentMonitoringProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentPort (schema)
Wrapper object for SegmentPort
Child wrapper object for SegmentPort, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentPort | SegmentPort Contains the actual SegmentPort object |
SegmentPort | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentPort | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentQoSProfileBindingMap (schema)
Wrapper object for SegmentQoSProfileBindingMap
Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentQoSProfileBindingMap | SegmentQoSProfileBindingMap Contains the actual SegmentQoSProfileBindingMap object |
SegmentQoSProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentQoSProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentSecurityProfile (schema)
Wrapper object for SegmentSecurityProfile
Child wrapper object for SegmentSecurityProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentSecurityProfile | SegmentSecurityProfile Contains the actual SegmentSecurityProfile object |
SegmentSecurityProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentSecurityProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSegmentSecurityProfileBindingMap (schema)
Wrapper object for SegmentSecurityProfileBindingMap
Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SegmentSecurityProfileBindingMap | SegmentSecurityProfileBindingMap Contains the actual SegmentSecurityProfileBindingMap object |
SegmentSecurityProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSegmentSecurityProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildService (schema)
Wrapper object for Service
Child wrapper object for Service, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Service | Service Contains the actual Service object. |
Service | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildService | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceEntry (schema)
Wrapper object for ServiceEntry
Child wrapper object for ServiceEntry, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Service | ServiceEntry This is a deprecated property, Please use 'ServiceEntry' instead. |
ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Deprecated |
| ServiceEntry | ServiceEntry Contains the actual ServiceEntry object. |
ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceEntry | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceInstanceEndpoint (schema)
Wrapper object for ServiceInstanceEndpoint
Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceInstanceEndpoint | ServiceInstanceEndpoint Contains actual ServiceInstanceEndpoint. |
ServiceInstanceEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceInstanceEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceInterface (schema)
Wrapper object for ServiceInterface
Child wrapper object for ServiceInterface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceInterface | ServiceInterface Contains the actual ServiceInterface object. |
ServiceInterface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceInterface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceReference (schema)
Wrapper object for ServiceReference
Child wrapper object for ServiceReference used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceReference | ServiceReference Contains actual ServiceReference. |
ServiceReference | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceReference | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildServiceSegment (schema)
Wrapper object for SerivceSegment
Child wrapper object for ServiceSegment, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ServiceSegment | ServiceSegments Contains the actual ServiceSegment objects |
ServiceSegment | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildServiceSegment | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSessionTimerProfileBindingMap (schema)
Wrapper object for SessionTimerProfileBindingMap
Child wrapper object for SessionTimerProfileBindingMap,
used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SessionTimerProfileBindingMap | SessionTimerProfileBindingMap Contains the actual SessionTimerProfileBindingMap object |
SessionTimerProfileBindingMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSessionTimerProfileBindingMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaDynamicPlugin (schema)
Wrapper object for ShaDynamicPlugin
Child wrapper object for ShaDynamicPlugin, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaDynamicPlugin Contains the actual ShaDynamicPlugin object |
ShaDynamicPlugin | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaDynamicPlugin | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaPluginProfile (schema)
Wrapper object for ShaPluginProfile
Child wrapper object for ShaPluginProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaPluginProfile Contains the actual ShaPluginProfile object |
ShaPluginProfile (Abstract type: pass one of the following concrete types) ShaDynamicPluginProfile ShaPredefinedPluginProfile ShaSystemPluginProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaPluginProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShaPredefinedPlugin (schema)
Wrapper object for ShaDynamicPlugin
Child wrapper object for ShaPredefinedPlugin, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| ShaPluginProfile | ShaPredefinedPlugin Contains the actual ShaPredefinedPlugin object |
ShaPredefinedPlugin | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShaPredefinedPlugin | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildShare (schema)
Wrapper object for Share
Child wrapper object for Share, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Share | Share Contains the actual Share object |
Share | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildShare | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSharedResource (schema)
Wrapper object for SharedResource
Child wrapper object for SharedResource, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SharedResource | SharedResource Contains the actual SharedResource object |
SharedResource | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSharedResource | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSite (schema)
Wrapper object for Site
Child wrapper object for Site, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Site | Site Contains the actual Site object. |
Site | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSite | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildSpoofGuardProfile (schema)
Wrapper object for SpoofGuardProfile
Child wrapper object for SpoofGuardProfile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| SpoofGuardProfile | SpoofGuardProfile Contains the actual SpoofGuardProfile object |
SpoofGuardProfile | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildSpoofGuardProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStandaloneHostIdfwConfiguration (schema)
Wrapper object for StandaloneHostIdfwConfiguration
| Name | Description | Type | Notes |
|---|---|---|---|
| StandaloneHostIdfwConfiguration | StandaloneHostIdfwConfiguration Contains the actual standalone host idfw configuration object. |
StandaloneHostIdfwConfiguration | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStandaloneHostIdfwConfiguration | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticARPConfig (schema)
Wrapper object for StaticARPConfig
Child wrapper object for StaticARPConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| StaticARPConfig | StaticARPConfig Contains the actual StaticARPConfig object. |
StaticARPConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticARPConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticMimeContent (schema)
Wrapper object for Child Static MIME content
Child wrapper object for Static MIME content, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsProfile | Static Mime Content Contains the actual Static MIME content object. |
StaticMimeContent | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticMimeContent | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticRouteBfdPeer (schema)
Wrapper object for StaticRouteBfdPeer
Child wrapper for StaticRouteBfdPeer, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| BfdPeer | Static Route BFD Peer Contains the actual StaticRouteBfdPeer object. |
StaticRouteBfdPeer | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticRouteBfdPeer | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildStaticRoutes (schema)
Wrapper object for StaticRoutes
Child wrapper object for StaticRoutes, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| StaticRoutes | StaticRoutes Contains the actual StaticRoutes object. |
StaticRoutes | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildStaticRoutes | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTagBulkOperation (schema)
Child wrapper object for TagBulkOperation
Child wrapper object for TagBulkOperation, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TagBulkOperation | TagBulkOperation Contains actual TagBulkOperation object. |
TagBulkOperation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTagBulkOperation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0 (schema)
Wrapper object for Tier-0
Child wrapper object for Tier-0, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0 | Tier-0 Contains the actual Tier-0 object. |
Tier0 | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0 | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0DeploymentMap (schema)
Wrapper object for Tier0DeploymentMap
Child wrapper object for Tier0DeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0DeploymentMap | Tier0DeploymentMap Contains the actual Tier0DeploymentMap object. |
Tier0DeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0DeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0Interface (schema)
Wrapper object for Tier0Interface
Child wrapper object for Tier0Interface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0Interface | Tier0Interface Contains the actual Tier0Interface object. |
Tier0Interface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0Interface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0InterfaceGroup (schema)
Wrapper object for Tier0InterfaceGroup
Child wrapper object for Tier0InterfaceGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0InterfaceGroup | Tier0InterfaceGroup Contains the actual Tier0InterfaceGroup object. |
Tier0InterfaceGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0InterfaceGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0RouteMap (schema)
Wrapper object for Tier0RouteMap
Child wrapper object for Tier0RouteMap, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0RouteMap | Tier0RouteMap Contains the actual Tier0RouteMap object |
Tier0RouteMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0RouteMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier0SecurityFeatures (schema)
Wrapper object for T0 Security Feature
Child wrapper object for T0 Security Feature, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier0SecurityFeatures | T0 Security configs Contains the actual TO SecurityFeatures object |
Tier0SecurityFeatures | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier0SecurityFeatures | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1 (schema)
Wrapper object for Tier-1
Child wrapper object for Tier-1 , used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1 | Tier-1 Contains the actual Tier-1 object. |
Tier1 | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1 | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1DeploymentMap (schema)
Wrapper object for Tier1DeploymentMap
Child wrapper object for Tier1DeploymentMap, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1DeploymentMap | Tier1DeploymentMap Contains the actual Tier1DeploymentMap object. |
Tier1DeploymentMap | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1DeploymentMap | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1Interface (schema)
Wrapper object for Tier1Interface
Child wrapper object for Tier1Interface, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1Interface | Tier1Interface Contains the actual Tier1Interface object. |
Tier1Interface | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1Interface | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTier1InterfaceGroup (schema)
Wrapper object for Tier1InterfaceGroup
Child wrapper object for Tier1InterfaceGroup, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tier1InterfaceGroup | Tier1InterfaceGroup Contains the actual Tier1InterfaceGroup object. |
Tier1InterfaceGroup | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTier1InterfaceGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsCertificate (schema)
Wrapper object for TlsCertificate
Child wrapper for TlsCertificate, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsCertificate | TlsCertificate Contains the actual TlsCertificate object. |
TlsCertificate | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsCertificate | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsCrl (schema)
Wrapper object for TlsCrl
Child wrapper for TlsCrl, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsCrl | TlsCrl Contains the actual TlsCrl object. |
TlsCrl | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsCrl | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsPolicy (schema)
Wrapper object for TlsPolicy
Child wrapper object for TLSPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsPolicy | TlsPolicy Contains the actual TLSPolicy object |
TlsPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsProfile (schema)
Wrapper object for Child TLS Profile
Child wrapper object for TLS Profile, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsProfile | TLS Profile Contains the actual TLS profile object. |
TlsProfile (Abstract type: pass one of the following concrete types) TlsInspectionExternalProfile TlsInspectionInternalProfile |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsProfile | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsRule (schema)
Wrapper object for Rule
Child wrapper object for Rule, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsRule | TLS Rule Contains the actual TLS Rule object |
TlsRule | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsRule | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTlsTrustData (schema)
Wrapper object for TlsTrustData
Child wrapper for TlsTrustData, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| TlsTrustData | TlsTrustData Contains the actual TlsTrustData object. |
TlsTrustData | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTlsTrustData | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTraceflowConfig (schema)
Wrapper object for TraceflowConfig
Child wrapper for TraceflowConfig, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| TraceflowConfig | TraceflowConfig Contains the actual TraceflowConfig object. |
TraceflowConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTraceflowConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTunnel (schema)
Wrapper object for Tunnel
Child wrapper object for Tunnel, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| Tunnel | Tunnel Contains the actual Tunnel object. |
Tunnel (Abstract type: pass one of the following concrete types) GreTunnel Tunnel |
Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildTunnel | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildTypesRequestParameter (schema)
Filter to populate child types of the policyConfigResource
Specified child resource types will be populated in the response body
| Name | Description | Type | Notes |
|---|---|---|---|
| base_path | Base Path for retrieving hierarchical intent Base path of the resource for which user wants to retrieve the hierarchy. This should be the fully qualified path for the resource. - Sample examples - base_path=/infra/domains/default/groups/Group1 base_path=/infra/domains/default/security-policies/SecurityPolicy1/rules/Rule1 |
string | |
| filter | Filter string as java regex Filter string, can contain multiple or single java regular expressions separated by ';'. By default populates immediate child resources of the resource indicated by the URL. These child resources will be filtered by the type provided in the filter. It is recommended to use type_filter parameter instead of filter parameter. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to populate all the Group objects under Infra & Domain: filter=Type-Domain%7CGroup - Sample query string to load every policy object under Infra: filter=Type-.* |
string | |
| type_filter | Filter string to retrieve hierarchy. Advanced filter string in which user can directly specify the resourceTypes to be filtered. Can be used in conjunction with base_path. - Sample example of type_filter to load all groups - type_filter=Group - Sample example of multiple type_filter - type_filter=Group;SercurityPolicy;RedirectionPolicy - Sample example to load all groups in default domain using base_path in conjunction with type_filter - base_path=/infra/domains/default&type_filter=Group |
string |
ChildVMTagReplicationPolicy (schema)
Wrapper object for VMTagReplicationPolicy
Child wrapper object for VMTagReplicationPolicy, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| VMTagReplicationPolicy | VMTagReplicationPolicy Contains the actual VMTagReplicationPolicy object |
VMTagReplicationPolicy | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVMTagReplicationPolicy | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVirtualEndpoint (schema)
Wrapper object for VirtualEndpoint
Child wrapper object for VirtualEndpoint used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| VirtualEndpoint | VirtualEndpoint Contains reference to actual VirtualEndpoint. |
VirtualEndpoint | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVirtualEndpoint | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVniPoolConfig (schema)
Wrapper object for VniPoolConfig
Child wrapper object for VniPoolConfig, used in hierarchical API.
| Name | Description | Type | Notes |
|---|---|---|---|
| VniPoolConfig | VniPoolConfig Contains the actual VniPoolConfig object. |
VniPoolConfig | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVniPoolConfig | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVpc (schema)
Wrapper object for VPC
Child wrapper object for VPC, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| Vpc | VPC Contains the actual VPC object |
Vpc | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVpc | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVpcIpAddressAllocation (schema)
Wrapper object for VpcIpAddressAllocation
Child wrapper object for IpAddressAllocation, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| VpcIpAddressAllocation | VpcIpAddressAllocation Contains the actual VpcIpAddressAllocation object |
VpcIpAddressAllocation | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVpcIpAddressAllocation | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVpcSubnet (schema)
Wrapper object for VPC Subnet
Child wrapper object for VPC Subnet, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| VpcSubnet | VPC Subnet Contains the actual VPC Subnet object |
VpcSubnet | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVpcSubnet | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ChildVpcSubnetPort (schema)
Wrapper object for VPC Subnet Port
Child wrapper object for VPC Subnet Port, used in hierarchical API
| Name | Description | Type | Notes |
|---|---|---|---|
| VpcSubnetPort | VPC Subnet Port Contains the actual VPC Subnet Port object |
VpcSubnetPort | Required |
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mark_for_override | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. | boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. |
boolean | Default: "False" |
| request_parameter | Generic type for passing the API request parameters. | PolicyRequestParameter (Abstract type: pass one of the following concrete types) PolicyRequestParameter SegmentRequestParameter TraceflowRequestParameter |
|
| resource_type | Must be set to the value ChildVpcSubnetPort | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CidrArrayConstraintValue (schema)
Array of CIDR Values to perform operation
List of CIDR values
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Must be set to the value CidrArrayConstraintValue | string | Required Enum: StringArrayConstraintValue, CidrArrayConstraintValue, IntegerArrayConstraintValue |
| values | Array of IP addresses This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64". |
array of IPElement | Required Minimum items: 1 Maximum items: 100 |
CipherSuite (schema)
HTTP cipher suite
| Name | Description | Type | Notes |
|---|---|---|---|
| enabled | Enable status for this cipher suite | boolean | Required |
| name | Name of the TLS cipher suite | string | Required |
ClaimMap (schema)
Claim map
Information about how to map a single OIDC ID token claim to one or more NSX roles.
| Name | Description | Type | Notes |
|---|---|---|---|
| claim_name | string | ||
| value_to_role_map | array of ClaimValueToRoleMap |
ClaimValueToRoleMap (schema)
Claim value map
| Name | Description | Type | Notes |
|---|---|---|---|
| claim_value | Claim value The value of the claim to map. |
string | |
| roles | Mapped roles The NSX roles that this particular claim value should map to. |
array of string |
ClasslessStaticRoute (schema) (Deprecated)
DHCP classless static route option
DHCP classless static route option.
| Name | Description | Type | Notes |
|---|---|---|---|
| network | Destination in CIDR Destination network in CIDR format. |
IPElement | Required |
| next_hop | Router IP address of next hop of the route. |
IPAddress | Required |
ClearPasswordActionParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | string | Enum: clear_password |
ClientAuthType (schema) (Deprecated)
client authentication mode
Client authentication could be REQUIRED or IGNORE.
REQUIRED means that client is required to present its
certificate to the server for authentication. To be accepted, client
certificate must be signed by one of the trusted Certificate
Authorities (CAs), also referred to as root CAs, whose self signed
certificates are specified in the same client SSL profile binding.
IGNORE means that client certificate would be ignored.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClientAuthType | client authentication mode Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored. |
string | Deprecated Enum: REQUIRED, IGNORE |
ClientSslProfileBinding (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_chain_depth | the maximum traversal depth of client certificate chain authentication depth is used to set the verification depth in the client certificates chain. |
integer | Minimum: 1 Maximum: 2147483647 Default: "3" |
| client_auth | client authentication mode | ClientAuthType | Default: "IGNORE" |
| client_auth_ca_ids | CA identifier list to verify client certificate If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. |
array of string | |
| client_auth_crl_ids | CRL identifier list to verify client certificate A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates. |
array of string | |
| default_certificate_id | default service certificate identifier A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension. |
string | Required |
| sni_certificate_ids | SNI certificate identifier list Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. |
array of string | |
| ssl_profile_id | client SSL profile identifier Client SSL profile defines reusable, application-independent client side SSL properties. |
string |
ClientTypeCollectionConfiguration (schema)
HPM client data collection configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| client_type | Client Type The client type for which this data collection frequency setting applies |
string | Required Enum: HYPERVISOR, EDGE, CONTROL_PLANE, CONTROL_PLANE_PLATFORM, MANAGEMENT_PLANE, MANAGEMENT_PLANE_PLATFORM |
| data_type_configurations | Data type configurations The set of data collection type configurations, one for each data collection type |
array of DataTypeCollectionConfiguration | Required |
CloudNativeDeploymentAction (schema)
Action
Action to be perform on deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Deployment action Action can be deploy or undeploy. DEPLOY - Deploy NSX Application Platform charts. UNDEPLOY - Undeploy NSX Application Platform charts. REDEPLOY - Redeploy NSX Application Platform charts. UPDATE_FORMFACTOR - Upgrade NSX Application Platform charts. REDEPLOY_UPDATE_FORMFACTOR - Retry update NSX Application Platform charts. FORCE_UNDEPLOY - Undeploy forcefully. RESTART - Restart deployment. RESET - Reset deployment. RESET_BR_VERSION - Reset version during Backup/Restore. |
string | Required Enum: DEPLOY, UNDEPLOY, REDEPLOY, UPDATE_FORMFACTOR, REDEPLOY_UPDATE_FORMFACTOR, FORCE_UNDEPLOY, RESTART, RESET, RESET_BR_VERSION |
CloudNativeDeploymentConfig (schema)
Common configuration for NSX Application Platform deployments
Configuration for NSX Application Platform deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cluster_id | Kubernetes cluster id Unique id to identify kubernetes guest cluster. |
string | |
| deployment_action | Deployment action | CloudNativeDeploymentAction | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| kubeconf_info | Kubeconfig info Information about kubeconfig file. |
KubeconfigInfo | |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CloudNativeDeploymentConfig | string | |
| storage_class | Storage class Kubernetes cluster storage class |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| version | Deployment version Deployment version in use. |
string |
CloudNativeServiceInstance (schema)
Stores the information about cloud native service instance.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External id of cloud native service instance in the system. Id of service instance fetched from public cloud. |
string | Required Readonly |
| resource_type | Must be set to the value CloudNativeServiceInstance | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_type | Type of cloud native service; possible values are ELB, RDS Type of cloud native service. |
string | Required Readonly |
| source | Reference of the public cloud gateway Reference of the public cloud gateway that reported the service instance. |
ResourceReference | Required Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CloudNativeServiceInstanceListRequestParameters (schema)
Request parameters to get list of cloud native service instances.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| display_name | Display Name of the cloud native service instance Name of cloud native service instance. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| service_type | Type of cloud native service; possible values are ELB, RDS Type of cloud native service. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| source | NSX node id of the public cloud gateway that reported the service instance NSX node id of the public cloud gateway that reported the service instance. |
string |
CloudNativeServiceInstanceListResult (schema)
Stores a list of cloud native service instances and information about them.
NSX supported service instances are currently limited to
Relational Database Service (RDS),Elastic Load Balancing (ELB).
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CloudNativeServiceInstance list results List of cloud native service instances |
array of CloudNativeServiceInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterBackupInfo (schema)
Cluster backup details
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address | IP address or FQDN of the node from which the backup was taken IP address or FQDN of the node which would be used for the restoration. This should be same as the one on which backup was taken |
string | Readonly Format: hostname-or-ip |
| ipv6_address | IPv6 address or FQDN v6 of the node from which the backup was taken IPv6 address or FQDN v6 of the node which would be used for the restoration. This should be same as the one on which backup was taken |
string | Readonly Format: hostname-or-ip |
| node_id | ID of the node from which the backup was taken | string | Required Readonly |
| restore_type | Type of restore allowed | array of string | Readonly Enum: REGULAR_RESTORE, POLICY_ONLY_RESTORE Default: "[]" |
| timestamp | timestamp of the cluster backup file | EpochMsTimestamp | Required Readonly |
ClusterBackupInfoListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of timestamps of backed-up cluster files | array of ClusterBackupInfo | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterCertificateId (schema)
Cluster Certificate ID
| Name | Description | Type | Notes |
|---|---|---|---|
| certificate_id | Certificate ID | string | Required |
ClusterConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_id | Unique identifier of this cluster | string | Required Readonly |
| control_cluster_changes_allowed | True if control cluster nodes may be added or removed | boolean | |
| mgmt_cluster_changes_allowed | True if management cluster nodes may be added or removed | boolean | |
| nodes | Configuration of each node in cluster | array of ClusterNodeInfo |
ClusterConfiguration (schema)
Cluster configuration
The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cluster_id | UUID of the cluster UUID of the cluster |
string | Readonly |
| config_version | Cluster configuration version Cluster configuration version. |
integer | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip6_address | Virtual IPv6 address, :: if not configured | string | |
| ip_address | Virtual IP address Virtual IP address, 0.0.0.0 if not configured. |
string | |
| nodes | Nodes in the cluster configuration Nodes in the cluster configuration. |
array of CbmClusterNode | Readonly |
| resource_type | Must be set to the value ClusterConfiguration | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ClusterControlPlane (schema)
Cluster Control Plane
Cluster control plane is a hierarchical extension of the NSX-T control plane.
It allows NSX to manage multiple clusters. There is an instance of cluster
control plane in each managed cluster. The cluster control plane is responsible
for the traffic management, span calculation and it can work on its own.
NSX-T central control plane distributes high-level network configurations
like security policies and groups to cluster control planes, and each
cluster control plane computes and realizes the configurations on the managed
cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| certificate | certificate for this cluster control plane This property should be afford in create process. |
string | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildAntreaClusterInfo ChildAntreaHeartbeatConfig |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| node_id | Unique Id of the cluster control plane This property is used to identify the cluster control plane in NSX-T. This id should assigned by NSX-T in create process. |
string | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ClusterControlPlane | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| vhc_path | vhc path for this cluster control plane This property should be afford in create process for VHC module requirement. |
string |
ClusterControlPlaneDeleteRequestParameters (schema)
Cluster Control Plane Delete Request Parameters
Cluster Control Plane delete request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cascade | Flag to indicate if force delete cluster references from the firewall security policies. | boolean | Default: "False" |
ClusterControlPlaneListRequestParameters (schema)
Cluster Control Plane List Request Parameters
Cluster Control Plane list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ClusterControlPlaneListResult (schema)
Cluster Control Plane queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster Control Plane Results This property include all cluster control Plane in NSX-T. |
array of ClusterControlPlane | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterDpuConfig (schema)
Configuration of homogeneous cluster
Specifies configuration of a homogeneous cluster. If this property is set for a cluster,
which indicate that this is a homogenous cluster consisting of hosts running ESXio on data
processing unit (DPU) from a certain vendor.
| Name | Description | Type | Notes |
|---|---|---|---|
| vendor | Vendor of DPU Specifies the vendor of the data processing unit. |
string | Readonly |
ClusterGroupMemberStatus (schema)
Status of a group member
This type contains the attributes and status of a group member.
| Name | Description | Type | Notes |
|---|---|---|---|
| member_fqdn | FQDN of the group member | string | Readonly Format: hostname |
| member_ip | IP of the group member | string | Readonly Format: ip |
| member_ipv6 | IPv6 of the group member | string | Readonly Format: ip |
| member_status | Status of the group member | string | Readonly Enum: UP, DOWN, UNKNOWN |
| member_uuid | UUID of the group member | string | Readonly |
ClusterGroupServiceLeader (schema)
Leader for a service of the group
Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.
| Name | Description | Type | Notes |
|---|---|---|---|
| leader_uuid | Member UUID of the leader | string | Readonly |
| lease_version | Number of times the lease has been renewed | integer | Readonly |
| service_name | Name of the service | string | Readonly |
ClusterGroupStatus (schema)
Status of a group
This type contains the attributes and status of a group.
| Name | Description | Type | Notes |
|---|---|---|---|
| group_id | UUID of the group | string | Readonly |
| group_status | Group status | string | Readonly Enum: STABLE, DEGRADED, UNSTABLE, UNAVAILABLE |
| group_type | Type of the group | string | Readonly Enum: MANAGER, CONTROLLER, POLICY, HTTPS, DATASTORE, CLUSTER_BOOT_MANAGER, GLOBAL_MANAGER, ASYNC_REPLICATOR, MONITORING, IDPS_REPORTING, CORFU_NONCONFIG, CM-INVENTORY, MESSAGING-MANAGER |
| leaders | Array of group leaders and their attributes | array of ClusterGroupServiceLeader | Readonly |
| members | Array of group members and their statuses | array of ClusterGroupMemberStatus | Readonly |
ClusterInitializationNodeInfo (schema)
The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).
| Name | Description | Type | Notes |
|---|---|---|---|
| disk_store_id | The (internal) disk-store ID of the member | string | Readonly |
| host_address | The IP address (or domain name) of the cluster node | string | Readonly |
ClusterMemberDetails (schema)
Group member details
Details of the member belonging to a Group
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | The Antrea cluster id of the pod | string | Required Readonly |
| cluster_name | The Antrea cluster name of the pod | string | Required Readonly |
| namespaces | array of NamespaceMemberDetails | Required |
ClusterNodeConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| appliance_mgmt_ipv6_listen_addr | The IPv6 address for the appliance management API service on this node | string | Readonly |
| appliance_mgmt_listen_addr | The IP and port for the appliance management API service on this node | string | Readonly |
| controller_role | ControllerClusterRoleConfig | ||
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | Internal identifier provided by the node | string | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| manager_role | ManagementClusterRoleConfig | ||
| resource_type | Must be set to the value ClusterNodeConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ClusterNodeConfigListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster node configuration results | array of ClusterNodeConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterNodeInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| api_listen_addr | The IP and port for the public API service on this node | ServiceEndpoint | Readonly |
| appliance_connection_info | The IP, port and certificate for connecting to appliance. | ServiceEndpoint | Readonly |
| certificates | Certificate and thumbprint of all entities | array of NodeCertificateInfo | |
| control_plane_listen_addr | The IP and port for the control plane service on this node | ServiceEndpoint | Readonly |
| display_name | The display name of this node | string | |
| entities | Service endpoint of all entities | array of NodeEntityInfo | |
| fqdn | The fqdn of this node | string | |
| msg_clients | Messaging client of all entities | array of NodeMessagingClientInfo | |
| node_uuid | Unique identifier of this node | string | Required Readonly |
| status | Node clustering status | string | Required Readonly Enum: JOINING, JOINED, REMOVING, REMOVED |
ClusterNodeRole (schema)
Cluster node role
Enumerates the roles that can be specified in VM auto-deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterNodeRole | Cluster node role Enumerates the roles that can be specified in VM auto-deployment. |
string | Enum: CONTROLLER, MANAGER |
ClusterNodeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_status | Clustering status for control plane functions on this node | ControlClusterNodeStatus | Readonly |
| mgmt_cluster_status | Clustering status for management plane functions on this node | ManagementClusterNodeStatus | Readonly |
| system_status | Node status properties | NodeStatusProperties | Readonly |
| version | Software version running on node | string | Readonly |
ClusterNodeVMDeletionParameters (schema)
Parameters for DeleteAutoDeployedClusterNodeVM
Parameters for deletion of a cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| force_delete | Delete by force If true, the VM will be undeployed even if it cannot be removed from its cluster. |
boolean |
ClusterNodeVMDeploymentConfig (schema)
Configuration for deploying cluster node VM
Contains info used to configure the VM on deployment
| Name | Description | Type | Notes |
|---|---|---|---|
| placement_type | Type of deployment Specifies the config for the platform through which to deploy the VM |
string | Required Enum: VsphereClusterNodeVMDeploymentConfig |
ClusterNodeVMDeploymentRequest (schema)
Info for an auto-deployment request
Contains the deployment information for a cluster node VM soon to be
deployed or already deployed by the Manager
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_config | Deployment config for cluster node VM Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM. |
ClusterNodeVMDeploymentConfig (Abstract type: pass one of the following concrete types) ClusterNodeVMDeploymentConfig VsphereClusterNodeVMDeploymentConfig |
Required |
| form_factor | Form factor for cluster node VMs Specifies the desired "size" of the VM |
ClusterNodeVMFormFactor | Default: "MEDIUM" |
| roles | Cluster node roles of the VM List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now. |
array of ClusterNodeRole | Required |
| user_settings | User settings for the VM Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect. |
NodeUserSettings | Required |
| vm_id | ID of VM used to recognize it ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified. |
string | Readonly |
ClusterNodeVMDeploymentRequestList (schema)
ClusterNodeVMDeploymentRequest list
List of ClusterNodeVMDeploymentRequests
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Results Array of existing ClusterNodeVMDeploymentRequests |
array of ClusterNodeVMDeploymentRequest | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterNodeVMDeploymentStatusReport (schema)
Report of a VM's deployment status
Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_progress_state | Deployment progress state of node VM Detailed progress state of node VM deployment realization |
VMDeploymentProgressState | Readonly |
| failure_code | Error code for failure In case of auto-deployment-related failure, the code for the error will be stored here. |
integer | |
| failure_message | Error message for failure In case of auto-deployment-related failure, an error message will be stored here. |
string | |
| status | Auto-deployed VM's deployment status Status of the addition or deletion of an auto-deployed cluster node VM. |
string | Required Enum: UNKNOWN_STATE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, WAITING_TO_REGISTER_VM, VM_REGISTRATION_FAILED, VM_WAITING_TO_CLUSTER, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_CLUSTERING_IN_PROGRESS, VM_CLUSTERING_FAILED, VM_CLUSTERING_SUCCESSFUL, WAITING_TO_UNDEPLOY_VM, VM_DECLUSTER_IN_PROGRESS, VM_DECLUSTER_FAILED, VM_DECLUSTER_SUCCESSFUL, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL |
ClusterNodeVMFormFactor (schema)
Supported VM form factor for cluster nodes
Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterNodeVMFormFactor | Supported VM form factor for cluster nodes Specifies the desired "size" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. |
string | Enum: SMALL, MEDIUM, LARGE, XLARGE |
ClusterProfile (schema)
This is an abstract type. Concrete child types:
BridgeHighAvailabilityClusterProfile
EdgeHighAvailabilityProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ClusterProfile | ClusterProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ClusterProfileListParameters (schema)
ClusterProfile List Parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_system_owned | Whether the list result contains system resources | boolean | Default: "True" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_type | Type of cluster profile | ClusterProfileType | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ClusterProfileListResult (schema)
Cluster Profile queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Cluster Profile Results | array of ClusterProfile (Abstract type: pass one of the following concrete types) BridgeHighAvailabilityClusterProfile EdgeHighAvailabilityProfile |
Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ClusterProfileType (schema)
Supported cluster profiles.
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusterProfileType | Supported cluster profiles. | string | Enum: EdgeHighAvailabilityProfile, BridgeHighAvailabilityClusterProfile |
ClusterProfileTypeIdEntry (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| profile_id | key value | string | Required |
| resource_type | ClusterProfileType |
ClusterRestoreStatus (schema)
Cluster restore status
| Name | Description | Type | Notes |
|---|---|---|---|
| allowed_actions | List of actions that are allowed. | array of string | Readonly Default: "[]" |
| backup_timestamp | Timestamp when backup was initiated in epoch millisecond | EpochMsTimestamp | Readonly |
| endpoints | The list of allowed endpoints, based on the current state of the restore process | array of ResourceLink | Required Readonly |
| id | Unique id for backup request | string | Readonly |
| instructions | Instructions for users to reconcile Restore operations | array of InstructionInfo | Readonly |
| not_allowed_actions | List of actions that are not allowed | array of string | Readonly Enum: VC_UPDATES Default: "[]" |
| restore_end_time | Timestamp when restore was completed in epoch millisecond | EpochMsTimestamp | Readonly |
| restore_start_time | Timestamp when restore was started in epoch millisecond | EpochMsTimestamp | Readonly |
| status | GlobalRestoreStatus | ||
| step | RestoreStep | ||
| total_steps | Total number of steps in the entire restore process | integer | Readonly |
ClusterRestoreStatusRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| restore_component | string | Readonly Enum: LOCAL_MANAGER, GLOBAL_MANAGER Default: "LOCAL_MANAGER" |
ClusterRoleConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Type of this role configuration | string | Required Readonly Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig |
ClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Unique identifier of this cluster | string | Readonly |
| control_cluster_status | The current status of the control cluster | ControllerClusterStatus | Deprecated Readonly |
| detailed_cluster_status | Status of all the cluster groups | AllClusterGroupStatus | Readonly |
| mgmt_cluster_status | The current status of the management cluster | ManagementClusterStatus | Deprecated Readonly |
ClusterVirtualIpProperties (schema)
Cluster virtual IP properties
| Name | Description | Type | Notes |
|---|---|---|---|
| force | On enable it ignores duplicate address detection and DNS lookup validation check | string | Enum: true, false Default: "false" |
| ip6_address | Virtual IPv6 address, :: if not configured | string | |
| ip_address | Virtual IP address, 0.0.0.0 if not configured | string |
ClusteringConfig (schema)
Configuration for VM's clustering
Configuration for automatically joining a cluster node to the
cluster after it is deployed. ClusteringConfig is required
if any of the deployment nodes has CONTROLLER role.
| Name | Description | Type | Notes |
|---|---|---|---|
| clustering_type | Type for the clustering config Specifies the type of clustering config to be used. |
string | Required Enum: ControlClusteringConfig |
ClusteringInfo (schema)
Clustering parameters for the controller cluster
| Name | Description | Type | Notes |
|---|---|---|---|
| join_to_existing_cluster | True If the controller node should join an existing cluster Property to indicate if the node must join an existing cluster. |
boolean | Required |
| shared_secret | Shared Secret of the cluster Shared secret of the cluster. |
secure_string | Required |
ClusteringStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ClusteringStatus | string | Enum: CONNECTED, DISCONNECTED, UNKNOWN |
ClustersAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_status | Status of all the cluster groups | AllClusterGroupStatus | |
| controller_cluster | Array of Controller Nodes | array of ControllerNodeAggregateInfo | Required |
| management_cluster | Array of Management Nodes | array of ManagementNodeAggregateInfo | Required |
CmThumbprintHashingConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| hashing_algorithm_type | Algorithm type for thumbprint hashing This specifies the hashing algorithm to be used for stamping NSX manager thumbprint in compute manager extension. e.g. When a vCenter is registered as compute manager, thumbprint of NSX manager certificate is stamped in NSXT extension on vCenter. If algorithm type is SHA1, then SHA1 thumbprint of NSX manager API certificate is stamped. If algorithm type is SHA256, then SHA256 thumbprint of NSX manager certificate is stamped. Changing this setting to SHA256 will result in communication issues between WCP component in VC and NSX manager. Hence it is recommended not to use SHA256 if VC WCP feature is being used with NSX. |
string | Required Enum: SHA1, SHA256 |
CollectConfigWorkflowSpec (schema)
Collect Config Workflow spec
Collect config for the requested workflow spec.
| Name | Description | Type | Notes |
|---|---|---|---|
| type | Must be set to the value CollectConfigWorkflowSpec | WorkflowSpecType | Required |
| workflow_resource | WorkflowResource (Abstract type: pass one of the following concrete types) DvpgAndSegmentWorkflowResource DvpgWorkflowResource SegmentAndBridgeProfileWorkflowResource SegmentWorkflowResource VcWorkflowResource VmGroupWorkflowResource |
Required |
ColorCode (schema)
Color code
Color code.
| Name | Description | Type | Notes |
|---|---|---|---|
| ColorCode | Color code Color code. |
string | Enum: GREEN, YELLOW, RED |
ColoredMessage (schema)
A message with a color
A message with a color that shows the message's severity or priority.
| Name | Description | Type | Notes |
|---|---|---|---|
| color | The message color that shows the message's severity or priority The message color that shows the message's severity or priority. |
ColorCode | Readonly Default: "YELLOW" |
| message | A string message A string message. |
string | Readonly |
ColumnItem (schema)
Grid Column
Represents a column of the Grid
| Name | Description | Type | Notes |
|---|---|---|---|
| column_identifier | Identifier for this column Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns. |
string | |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. |
string | Maximum length: 255 |
| field | Column Field Field from which values of the column will be derived. |
string | Required Maximum length: 1024 |
| hidden | Hide the column If set to true, hides the column |
boolean | Default: "False" |
| label | Column Label Label of the column. |
Label | Required |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used. |
string | Maximum length: 1024 |
| render_configuration | Render Configuration Render configuration to be applied, if any. |
array of RenderConfiguration | |
| sort_ascending | Represents order of sorting the values If true, the value of the column are sorted in ascending order. Otherwise, in descending order. |
boolean | Default: "True" |
| sort_key | Key for sorting on this column Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested. |
string | Maximum length: 255 |
| tooltip | Multi-line tooltip Multi-line text to be shown on tooltip while hovering over a cell in the grid. |
array of Tooltip | |
| type | Field data type Data type of the field. |
string | Required Enum: String, Number, Date Maximum length: 255 Default: "String" |
CommonAgentEndpointInfo (schema)
NSX Application Platform Kafka/ingress endpoints
An endpoint to connect to Kafka/ingress of the NSX Application Platform.
Either FQDN or IP address can be used in the endpoint info.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | address The IP address or the full qualified domain name of Kafka broker/ingress. |
string | Required Format: hostname-or-ip |
| port | port number The port number where the broker is listening to. |
integer | Minimum: 1 Maximum: 65535 |
CommonAgentHostConfigurationInfo (schema)
NSX Application Platform Common Agent host configuration
NSX Application Platform Common Agent configuration that can be applied to host nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ingress_certificate | Broker certificate A ingress certificate to verify the identity of brokers. |
string | |
| ingress_endpoint | List of NSX Application Platform ingress endpoints List of NSX Application Platform ingress endpoints that host nodes contact initially. |
array of CommonAgentEndpointInfo | |
| kafka_certificate | Broker certificate A Kafka broker certificate to verify the identity of brokers. |
string | |
| kafka_endpoint | List of NSX Application Platform Kafka broker endpoints List of NSX Application Platform broker endpoints that host nodes contact initially. |
array of CommonAgentEndpointInfo | |
| nsx_cluster_id | Cluster id of the NSX Manager cluster Cluster id of the NSX Manager cluster. |
string | |
| private_ip_range | List of private IP prefix List of private IP prefix that NSX Application Platform Common Agent network flow is collected from. |
array of CommonAgentPrivateIpRangeInfo | |
| resource_type | Must be set to the value CommonAgentHostConfigurationInfo | string | |
| site_id | Site id of the local manager Site id of the local manager. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| truststore | truststore A truststore to establish the trust between NSX and NSX Application Platform. |
string |
CommonAgentPrivateIpRangeInfo (schema)
NSX Application Platform Common Agent private IP prefix
An IP prefix to mark the private network that NSX Application Platform Common Agent
network flow is collected from.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | IP address The prefix of IP address that marks the range of private network. |
IPAddress | Required |
| address_type | IP address type The type of IP address. |
string | Required Enum: IPV4, IPV6 |
| prefix_length | IP prefix length The length of IP address prefix that marks the range of private network. |
integer | Required Minimum: 1 Maximum: 128 |
CommonUploadFile (schema)
To upload kubeconfig or Kubernetes tools
To upload file content example kubeconfig or Kubernetes tools.
| Name | Description | Type | Notes |
|---|---|---|---|
| file | File to upload Kubeconfig or Kubernetes tools file to be imported. |
multipart_file | Required |
CommunicationEntry (schema) (Deprecated)
A communication entry specifies the security policy between the workload groups
A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| action | Action The action to be applied to all the services. |
string | Enum: ALLOW, DROP, REJECT |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_groups | Destination group paths We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| direction | Direction Define direction of traffic. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Flag to deactivate the rule Flag to deactivate the rule. Default is activated. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| logged | Enable logging flag Flag to enable packet logging. Default is deactivated. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| notes | Text for additional notes on changes Text for additional notes on changes. |
string | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CommunicationEntry | string | |
| scope | The list of policy paths where the communication entry is applied
Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number of the this CommunicationEntry This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number |
int | |
| services | Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| source_groups | Source group paths We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| tag | Tag applied on the communication entry User level field which will be printed in CLI and packet logs. |
string | Maximum length: 32 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunicationEntryInsertParameters (schema) (Deprecated)
Parameters to tell where communication entry needs to be placed
Parameters to let the admin specify a relative position of a communication
entry w.r.t to another one in the same communication map. If the
communication entry specified in the anchor_path belongs to another
communication map an error will be thrown
This type is deprecated. Use the type RuleInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationEntryListRequestParameters (schema) (Deprecated)
CommunicationEntry list request parameters
This type is deprecated. Use the type RuleListRequestParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CommunicationEntryListResult (schema) (Deprecated)
Paged Collection of CommunicationEntries
This type is deprecated. Use the type RuleListResult instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunicationEntry list results | array of CommunicationEntry | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunicationInsertParameters (schema) (Deprecated)
Parameters to tell where communication map/communication entry
needs to be placed
Parameters to let the admin specify a relative position of a communication
map or communication entry w.r.t to another one.
This type is deprecated. Use the type RuleInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationMap (schema) (Deprecated)
Contains ordered list of CommunicationEntries
Ordered list of CommunicationEntries. This object is created by default
along with the Domain.
This type is deprecated. Use the type SecurityPolicy instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| category | A way to classify a communication map, if needed. - Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are "Emergency", "Infrastructure", "Environment" and "Application". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories. |
string | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildCommunicationEntry |
|
| communication_entries | CommunicationEntries that are a part of this CommunicationMap | array of CommunicationEntry | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| precedence | Precedence to resolve conflicts across Domains This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence |
int | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CommunicationMap | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunicationMapInsertParameters (schema) (Deprecated)
Parameters to tell where communication map needs to be placed
Parameters to let the admin specify a relative position of a communication
map w.r.t to another one.
This type is deprecated. Use the type SecurityPolicyInsertParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| anchor_path | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' | string | |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
CommunicationMapListRequestParameters (schema) (Deprecated)
CommunicationMap list request parameters
This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
CommunicationMapListResult (schema) (Deprecated)
Paged Collection of Communication map
This type is deprecated. Use the type SecurityPolicyListResult instead.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunicationMap list results | array of CommunicationMap | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunityList (schema)
Community list for BGP routing configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| communities | List of BGP community entries List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported. |
array of string | Required Minimum items: 1 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CommunityList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CommunityListListResult (schema)
Paged collection of CommunityLists
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CommunityList results | array of CommunityList | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CommunityMatchCriteria (schema)
Match criteria based on a community list
| Name | Description | Type | Notes |
|---|---|---|---|
| criteria | Match criteria based on community list path or a regular expression Match criteria specified as a community list path or a regular expression. |
string | Required |
| match_operator | Match operator for community list entries Match operator for community list entries. Not valid when a regular expression is specified for criteria. |
string | Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_COMMUNITY_REGEX, MATCH_LARGE_COMMUNITY_REGEX |
CommunityMatchExpression (schema)
Community match expression
| Name | Description | Type | Notes |
|---|---|---|---|
| expression | Array of community match operations | array of CommunityMatchOperation | Required |
| operator | Operator Operator for evaluating community match expressions. AND logical AND operator |
string | Readonly Enum: AND |
CommunityMatchOperation (schema)
Community match operation
| Name | Description | Type | Notes |
|---|---|---|---|
| community_list_id | Community list id ID of BGP community list. This value is not required when match_operator is MATCH_REGEX otherwise required. |
string | |
| match_operator | Match operator Match operator for communities from provided community list id. MATCH_ANY will match any community MATCH_ALL will match all communities MATCH_EXACT will do exact match on community MATCH_NONE [operator not supported] will not match any community MATCH_REGEX will match normal communities by evaluating regular expression MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating regular expression |
string | Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE, MATCH_REGEX, MATCH_LARGE_COMMUNITY_REGEX Default: "MATCH_ANY" |
| regular_expression | Regular expression Regular expression to match BGP communities. If match_operator is MATCH_REGEX then this value must be specified. |
string |
ComponentConditionItem (schema)
Antrea Component condition
This indicate component health condition and the reason why not healthy.
| Name | Description | Type | Notes |
|---|---|---|---|
| condition_type | Antrea Component condition type Indicate which component condition it is. |
ComponentConditionType | Readonly |
| last_heartbeat_time | Last heartbeat time Time unit is millisecond. |
EpochMsTimestamp | |
| message | Antrea Component condition message Additional condition information. |
string | |
| reason | Reason of unhealthy status Indicate why not healthy. |
string | |
| status | Component condition status Indicate healthy or unhealthy. |
ConditionStatus |
ComponentConditionType (schema)
Antrea Component condition
Antrea Component condition names collection.
| Name | Description | Type | Notes |
|---|---|---|---|
| ComponentConditionType | Antrea Component condition Antrea Component condition names collection. |
string | Enum: CONTROLLER_HEALTHY, MP_ADAPTER_HEALTHY, MP_CONNECTED, CCP_ADAPTER_HEALTHY, CCP_SESSION_STATE_UP |
ComponentMigrationStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| can_skip | Can the migration of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the migration status | string | Readonly |
| details | Details about the migration status | string | Readonly |
| percent_complete | Indicator of migration progress in percentage | number | Required Readonly |
| status | Migration status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
ComponentStatus (schema)
Antrea Component status
Antrea Component status enum. If lose connection, status will be UNKNOWN
| Name | Description | Type | Notes |
|---|---|---|---|
| ComponentStatus | Antrea Component status Antrea Component status enum. If lose connection, status will be UNKNOWN |
string | Enum: HEALTHY, DEGRADED, FAILED, UNKNOWN |
ComponentTargetVersion (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | string | Required Readonly |
|
| target_version | string | Required Readonly |
ComponentTypeListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component type on which the action is performed or on which the results are filtered | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComponentUpgradeChecksInfo (schema)
Meta-data of pre/post-upgrade checks for a component
Meta-data of pre/post-upgrade checks for a component
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component type Component type of the pre/post-upgrade checks |
string | Required |
| post_upgrade_checks_info | Collection of post-upgrade checks | array of UpgradeCheckInfo | |
| pre_upgrade_checks_info | Collection of pre-upgrade checks | array of UpgradeCheckInfo |
ComponentUpgradeChecksInfoListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Collection of info of pre/post-upgrade checks for components | array of ComponentUpgradeChecksInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComponentUpgradeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| can_rollback | Can perform rollback This field indicates whether we can perform upgrade rollback. |
boolean | Readonly |
| can_skip | Can the upgrade of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the upgrade status | string | Readonly |
| current_version_node_summary | Mapping of current versions of nodes and counts of nodes at the respective versions. | NodeSummaryList | Readonly |
| details | Details about the upgrade status | string | Readonly |
| node_count_at_target_version | Count of nodes at target component version Number of nodes of the type and at the component version |
int | Readonly |
| percent_complete | Indicator of upgrade progress in percentage | number | Required Readonly |
| pre_upgrade_status | Pre-upgrade status of the component-type | UpgradeChecksExecutionStatus | Readonly |
| status | Upgrade status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
| target_component_version | Target component version | string | Readonly |
ComputeClusterIdfwConfiguration (schema)
Compute cluster idfw configuration
Idfw configuration for activate/deactivate idfw on cluster level.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| cluster_idfw_enabled | Idfw enabled flag If set to true, idfw is enabled for this cluster |
boolean | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_stale | Cluster stale flag If set to true, this cluster has been deleted from NSX. |
boolean | Readonly |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| member | PolicyResourceReference Contains actual policy resource reference object |
PolicyResourceReference | Required |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ComputeClusterIdfwConfiguration | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ComputeClusterIdfwConfigurationListRequestParameters (schema)
Compute cluster idfw configuration request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeClusterIdfwConfigurationListResult (schema)
Paged collection of compute cluster idfw configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Compute cluster wise identity firewall configuration list results | array of ComputeClusterIdfwConfiguration | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeCollection (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cm_local_id | Local Id of the compute collection in the Compute Manager | string | Required Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dpu_config | Configuration of homogeneous cluster Specifies property related to cluster homogeneity for SmartNic |
ClusterDpuConfig | Readonly |
| external_id | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC | string | Required Readonly |
| origin_id | Id of the compute manager from where this Compute Collection was discovered | string | Required Readonly |
| origin_properties | Key-Value map of additional specific properties of compute collection in the Compute Manager | array of KeyValuePair | Readonly |
| origin_type | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers | string | Required Readonly |
| owner_id | Id of the owner of compute collection in the Compute Manager | string | Readonly |
| owner_nsx | Specifies owner nsx of the compute collection Specifies owner nsx of the compute collection. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when compute collection prepared by that nsx. OTHER applies to when compute collection prepared by other nsx. MULTIPLE applies to when compute collection tried to prepare by multiple nsx at a time. NONE applies to when compute collection is not prepared by any nsx. |
string | Readonly Enum: SELF, OTHER, MULTIPLE, NONE |
| resource_type | Must be set to the value ComputeCollection | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ComputeCollectionAction (schema)
Compute collection action parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Supported actions on compute-collection For Compute collection, the supported actions are: - remove_nsx: removes NSX from the cluster |
string | Enum: remove_nsx |
ComputeCollectionListRequestParameters (schema)
Compute Collection list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cm_local_id | Local Id of the compute collection in the Compute Manager | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| discovered_node_id | Id of the discovered node which belongs to this Compute Collection | string | |
| display_name | Name of the ComputeCollection in source compute manager | string | |
| external_id | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| node_id | Id of the fabric node created from a discovered node belonging to this Compute Collection | string | |
| origin_id | Id of the compute manager from where this Compute Collection was discovered | string | |
| origin_type | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers | string | |
| owner_id | Id of the owner of compute collection in the Compute Manager | string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeCollectionListResult (schema)
Compute Collection list result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Compute Collection list results | array of ComputeCollection | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeCollectionNetworkInterfacesListResult (schema)
ComputeCollection Interfaces List Result
List of network interfaces for all discovered nodes in compute collection
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Discovered node network interfaces List of discovered node with network interfaces |
array of DiscoveredNodeNetworkInterfaces | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeManager (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| access_level_for_oidc | Specifies access level to NSX from the compute manager Specifies the maximum access level allowed for calls from compute manager to NSX using the OIDC provider. |
string | Enum: FULL, LIMITED Default: "FULL" |
| create_service_account | Specifies whether service account is created or not on compute manager Enable this flag to create service account user on compute manager. This is required by features such as vSphere Lifecycle Manager for authentication with vAPIs from nsx. |
boolean | Default: "False" |
| credential | Login credentials for the compute manager Supported credential types are 'UsernamePasswordLoginCredential', 'SamlTokenLoginCredential', 'SessionLoginCredential'. VerifiableAsymmetricLoginCredential is used for internal purpose only. |
LoginCredential (Abstract type: pass one of the following concrete types) LoginCredential SamlTokenLoginCredential SessionLoginCredential UsernamePasswordLoginCredential VerifiableAsymmetricLoginCredential |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| extension_certificate | Specifies certificate for compute manager extension Specifies certificate for compute manager extension registered on vCenter. |
CertificateData | |
| id | Unique identifier of this resource | string | Sortable |
| multi_nsx | Specifies whether multi nsx feature is enabled for compute manager Enable this flag to manage same compute manager by multiple nsx. |
boolean | Default: "False" |
| origin_properties | Key-Value map of additional specific properties of compute manager | array of KeyValuePair | Readonly |
| origin_type | Compute manager type like vCenter | string | Required |
| resource_type | Must be set to the value ComputeManager | string | |
| reverse_proxy_https_port | Proxy https port of compute manager Specifies https port of the reverse proxy to connect to compute manager. For e.g. In case of VC, this port can be retrieved from this config file /etc/vmware-rhttpproxy/config.xml. |
integer | Minimum: 1 Maximum: 65535 Default: "443" |
| server | IP address or hostname of compute manager | string | Required Format: hostname-or-ip |
| set_as_oidc_provider | Specifies whether compute manager has been set as OIDC provider If the compute manager is VC and need to set set as OIDC provider for NSX then this flag should be set as true. This is specific to wcp feature, should be enabled when this feature is being used. |
boolean | Default: "False" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ComputeManagerListRequestParameters (schema)
Compute manager list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| origin_type | Compute manager type like vCenter | string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| server | IP address or hostname of compute manager | string | Format: hostname-or-ip |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ComputeManagerListResult (schema)
List of compute managers
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of compute managers | array of ComputeManager | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ComputeManagerStatus (schema)
Runtime status information of the compute manager
| Name | Description | Type | Notes |
|---|---|---|---|
| connection_errors | Errors when connecting with compute manager | array of ErrorInfo | Readonly |
| connection_status | Status of connection with the compute manager | string | Readonly Enum: UP, DOWN, CONNECTING |
| connection_status_details | Details about connection status | string | Readonly |
| last_sync_time | Timestamp of the last successful update of Inventory, in epoch milliseconds. | EpochMsTimestamp | Readonly |
| oidc_end_point_id | Specifies Id of corresponding OidcEndPoint If Compute manager is trusted as authorization server, then this Id will be Id of corresponding oidc end point. |
string | Readonly |
| registration_errors | Errors when registering with compute manager | array of ErrorInfo | Readonly |
| registration_status | Registration status of compute manager | string | Readonly Enum: REGISTERED, UNREGISTERED, REGISTERING, REGISTERED_WITH_ERRORS |
| version | Version of the compute manager | string | Readonly |
ComputeManagerTopology (schema)
Details where NVDS will be migrated to
| Name | Description | Type | Notes |
|---|---|---|---|
| compute_manager_id | Identifier of vcenter where VDS will be created | string | Required |
| dvswitch | Datacenter, VDS mapping | array of VdsTopology | Required |
Condition (schema)
Represents the leaf level condition
Represents the leaf level condition. Evaluation of the condition expression
will be case insensitive.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| exclude | Members to be excluded from the condition List of members to be excluded from the condition. This field is applicable only for condition representing the list of malicious IPs. Only IPAddressExpression and PathExpression are supported. The PathExpression should have paths of Groups that of the group_type IPAddress. Multiple PathExpressions are not supported here. |
ExcludedMembersList | |
| id | Unique identifier of this resource | string | Sortable |
| key | Key | string | Required Enum: Tag, Name, OSName, ComputerName, NodeType, GroupType, ALL, IPAddress, PodCidr |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| member_type | Group member type For global groups (groups created from Global Manager), the supported Member Types are - VirtualMachine, Segment, SegmentPort, Group, DVPG and DVPort. For local groups (groups created on the local policy manager), the supported member types are IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort, Pod, Service, Namespace, TransportNode, Group, DVPG, DVPort, KubernetesCluster, KubernetesNamespace, AntreaEgress, AntreaIPPool, KubernetesIngress, KubernetesGateway, KubernetesService and KubernetesNode. |
string | Required Enum: IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort, Pod, Service, Namespace, TransportNode, Group, DVPG, DVPort, IPAddress, VpcSubnet, KubernetesCluster, KubernetesNamespace, AntreaEgress, AntreaIPPool, KubernetesIngress, KubernetesGateway, KubernetesService, KubernetesNode, VpcSubnetPort |
| operator | operator Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided. |
string | Enum: EQUALS, CONTAINS, STARTSWITH, ENDSWITH, NOTEQUALS, NOTIN, MATCHES, IN |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value Condition | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| scope_operator | operator Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as "|tag" would be evaluated for tag value not for empty scope value. |
string | Enum: EQUALS, NOTEQUALS |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| value | Value | string | Required Minimum length: 1 |
ConditionStatus (schema)
Antrea Component condition status
Antrea Component condition status shared by all component condition.
| Name | Description | Type | Notes |
|---|---|---|---|
| ConditionStatus | Antrea Component condition status Antrea Component condition status shared by all component condition. |
string | Enum: HEALTHY, UNHEALTHY |
ConditionalForwarderZone (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| domain_names | Domain names of a forwarder zone A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet. |
array of string | Required Minimum items: 1 Maximum items: 100 |
| source_ip | Source ip of the forwarder The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used. |
IPv4Address | |
| upstream_servers | Ips of upsteam DNS servers Ip address of the upstream DNS servers the DNS forwarder accesses. |
array of IPv4Address | Required Minimum items: 1 Maximum items: 3 |
ConditionalValueConstraintExpression (schema)
Represents the leaf level conditional value constraint.
Represents the leaf level expression to restrict the target attribute value
based on the set of existing values. Generally, used in combination with
RelatedAttributeConditionalExpression to constraint the values related to
another attribute on the same resource. This object is always used in
conjunction with some exression.
Example -
{
"condition" : {
"operator":"INCLUDES",
"rhs_value": ["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"],
"value_constraint": {
"resource_type": "ValueConstraintExpression",
"operator":"EXCLUDES",
"values":["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"]
}
}
| Name | Description | Type | Notes |
|---|---|---|---|
| operator | Set operation to constraint values. INCLUDES_ANY operator supported only for StringArrayConstraintValue |
string | Required Enum: INCLUDES, INCLUDES_ANY, EXCLUDES, EQUALS |
| rhs_value | Array of values to perform operation. List of values. |
array of string | |
| rhs_value_with_type | Array of values to perform operation. List of values. |
ConstraintValue (Abstract type: pass one of the following concrete types) CidrArrayConstraintValue IntegerArrayConstraintValue StringArrayConstraintValue |
|
| value_constraint | Value Constraint Values to apply the conditional constraint on target. |
ValueConstraintExpression | Required |
ConfigState (schema)
Config State
Configuration State. | SANDBOXED_REALIZATION_PENDING - This is applicable to only Global intent in the NSX+ platform. The intent in this state indicates that the Global intent is having a conflict with local intent in the corresponding site and it is sandboxed in an intent logical store. Also the realization is pending until the conflict is resolved. Policy Alarm will be genereated and notified to the NSX+ admin to alert the user to take action to resolve the conflicts.
| Name | Description | Type | Notes |
|---|---|---|---|
| ConfigState | Config State Configuration State. | SANDBOXED_REALIZATION_PENDING - This is applicable to only Global intent in the NSX+ platform. The intent in this state indicates that the Global intent is having a conflict with local intent in the corresponding site and it is sandboxed in an intent logical store. Also the realization is pending until the conflict is resolved. Policy Alarm will be genereated and notified to the NSX+ admin to alert the user to take action to resolve the conflicts. |
string | Enum: SUCCESS, IN_PROGRESS, ERROR, UNKNOWN, UNINITIALIZED, SANDBOXED_REALIZATION_PENDING |
ConfigType (schema)
Config Type
| Name | Description | Type | Notes |
|---|---|---|---|
| ConfigType | Config Type | string | Enum: nsxa-state, nsxa-edge-cluster, nsxa-lrouter, nsxa-service-router, nestdb, edge-agent, dataplane, nsd, manager, controller, core |
ConfigurationState (schema)
Describes status of configuration of an entity
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
ConfigurationStateElement (schema)
Describes status of configuration of an entity
| Name | Description | Type | Notes |
|---|---|---|---|
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | State of configuration on this sub system | string | Required Readonly Enum: in_progress, success, failed, partial_success, in_sync, VM_DEPLOYMENT_FAILED, VM_POWER_ON_FAILED, VM_POWER_OFF_FAILED, VM_UNDEPLOY_FAILED, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, EDGE_CONFIG_ERROR, REGISTRATION_FAILED, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_NETWORK_EDIT_PENDING, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, NOT_AVAILABLE, REGISTRATION_TIMEDOUT, ADVANCED_CONFIG_EDIT_FAILED, VM_RESOURCE_RESERVATION_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, pending, orphaned, unknown, error, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_POWER_ON_IN_PROGRESS, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_SUCCESSFUL, VM_DEPLOYMENT_RESTARTED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_READY, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, ADVANCED_CONFIG_EDIT_PENDING, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_FOR_NON_LCM_EDGE, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_IN_PROGRESS, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
| sub_system_address | URI of backing resource on sub system | string | Readonly |
| sub_system_id | Identifier of backing resource on sub system | string | Readonly |
| sub_system_name | Name of backing resource on sub system | string | Readonly |
| sub_system_type | Type of backing resource on sub system | string | Readonly |
ConjunctionOperator (schema)
Represents the operators AND or OR
Represents the operators AND or OR.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| conjunction_operator | Conjunction Operator Node | string | Required Enum: OR, AND |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ConjunctionOperator | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ConnectivityAdvancedConfig (schema)
Advanced configuration for Policy connectivity
| Name | Description | Type | Notes |
|---|---|---|---|
| connectivity | Connectivity configuration Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity. |
string | Enum: ON, OFF Default: "ON" |
ConsolidatedAPIListRequestParameters (schema)
Consolidated effective IP addresses API list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_filter | An IPAddress or subnet for filtering the results. This filter can be used to verify an ip membership in the effective results |
IPElement | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| site_id | UUID of the site from which the effective IP addresses are to be fetched | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ConsolidatedEffectiveIPAddressMemberListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of site wise consolidated effective ip addresses for the given NSGroup | array of EffectiveIPInfo | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ConsolidatedEffectiveIPListRequestParameters (schema)
Consolidated API Realization list request params
List request params for the pass through type api that get data from the
Enforcement point. Enforcement point is mandatory for this request.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point on which the API needs to be executed. Forward slashes must be escaped using %2F. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_filter | An IPAddress or subnet for filtering the results. This filter can be used to verify an ip membership in the effective results |
IPElement | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| site_id | UUID of the site from which the effective IP addresses are to be fetched | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ConsolidatedRealizedStatus (schema)
Consolidated Realized Status for an Intent Object
Consolidated Realized Status of an intent object across enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| consolidated_status | Consolidated Realized Status Consolidated Realized Status across enforcement points. |
ConsolidatedStatus | Readonly |
| consolidated_status_per_enforcement_point | List of Consolidated Realized Status per Enforcement Point List of Consolidated Realized Status per enforcement point. |
array of ConsolidatedStatusPerEnforcementPoint | Readonly |
| intent_path | String Path of the intent object Intent path of object, forward slashes must be escaped using %2F. |
string | Required Readonly |
| intent_version | Intent version for the status Represent highest intent version across all realized objects |
string | Readonly |
| publish_status | Aggregated Realization state of this object | string | Required Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR |
| publish_time | Publish time of the intent This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time |
EpochMsTimestamp | Readonly Sortable |
| site_uuid | id of Site Site UUID supplied for realized site. |
string | |
| time_taken_for_realization | Appoximate time taken in milliseconds for end to end realization. This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization. |
integer |
ConsolidatedStatus (schema)
Consolidated Status
Consolidated Status of an intent object. Status Consolidation of an intent happens at
multiple levels:
- Per Enforcement Point: calculation of the consolidated status is performed using all
realized entities that the intent objet maps to on a specific enforcement point.
- Across Enforcement Points: calculation of the consolidated status is performend
aggregating the consolidated status from each enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an intent object. |
ConfigState | Readonly |
ConsolidatedStatusNsxT (schema)
NSX-T Consolidated Status
Detailed Realized Status of an intent object on an NSX-T type of enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforced_status | Enforced Realized Status Detailed Realized Status inherent to an NSX-T Enforcement Point. |
EnforcedStatusDetailsNsxT | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | Must be set to the value ConsolidatedStatusNsxT | string | Required |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
ConsolidatedStatusPerEnforcementPoint (schema)
Consolidated Realized Status Per Enforcement Point
Consolidated Realized Status Per Enforcement Point.
| Name | Description | Type | Notes |
|---|---|---|---|
| alarm | Alarm Information Details Alarm information details. |
PolicyRuntimeAlarm | Readonly |
| consolidated_status | Consolidated Realized Status Consolidated Realized Status of an Intent object per enforcement point. |
ConsolidatedStatus | Readonly |
| enforcement_point_id | Enforcement Point Id Enforcement Point Id. |
string | Readonly |
| enforcement_point_path | Enforcement point Path Policy Path referencing the enforcement point where the info is fetched. |
string | Readonly |
| resource_type | Must be set to the value ConsolidatedStatusPerEnforcementPoint | string | Required |
| site_path | Site Path The site where this enforcement point resides. |
string | Readonly |
ConstantFieldValue (schema)
Constant Field Value
Constant Field Value.
| Name | Description | Type | Notes |
|---|---|---|---|
| constant | Constant Value Constant Value that the field must be set to. |
object | |
| resource_type | Must be set to the value ConstantFieldValue | string | Required Enum: ConstantFieldValue |
Constraint (schema)
Constraint definition.
Constraint object to constraint any attribute on a resource based on
specified expression.
Example- Restrict the allowed services in Edge Communication Entry to list of
services, if the destinationGroups contain vCenter.
{
"target":{
"target_resource_type":"CommunicationEntry",
"attribute":"services",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}
"constraint_expression":{
"related_attribute":{
"attribute":"destinationGroups"
}
"condition":{
"operator":"INCLUDES",
"rhs_value":{"vCenter"}
"value_constraint":{
"operator":"ALLOW",
"values":{"/ref/services/HTTPS", "/ref/services/HTTOP", ...}
}
}
}
}
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| constraint_expression | Expression to constrain the target attribute value. This property is deprecated. Please use the "constraint_expressions" property instead to specify one or more constraint expressions. If this property is populated, then the "constraint_expressions" value is ignored. |
ConstraintExpression (Abstract type: pass one of the following concrete types) EntityInstanceCountConstraintExpression FieldSanityConstraintExpression RelatedAttributeConditionalExpression ValueConstraintExpression |
Deprecated |
| constraint_expressions | Expressions to constrain the target attribute value. | array of ConstraintExpression (Abstract type: pass one of the following concrete types) EntityInstanceCountConstraintExpression FieldSanityConstraintExpression RelatedAttributeConditionalExpression ValueConstraintExpression |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| message | User friendly message to be shown to users upon violation. | string | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value Constraint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target | Target resource attribute details. This property is deprecated. Please use the "targets" property instead to specify one or more targets. If this property is populated, then the "targets" value is ignored. |
ConstraintTarget | Deprecated |
| target_owner_type | Constraint target's owner type | string | Enum: GM, LM, ALL |
| targets | Collection of target resources attribute details. | array of ConstraintTarget | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ConstraintExpression (schema)
Base class for constraint expression
All the types of the expression extend from this abstract class.
This is present for extensibility.
This is an abstract type. Concrete child types:
EntityInstanceCountConstraintExpression
FieldSanityConstraintExpression
RelatedAttributeConditionalExpression
ValueConstraintExpression
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ConstraintExpression | string | Required Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ConstraintGlobalConfig (schema)
Global Constraint configuration
Global Constraint configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| include_system_resources | Include policy resources that are created by system in EntityInstanceCountConstraintExpression constraint If true, resources that are created by the system (i.e create_user set to SYSTEM_USER) will be included as part of counting the created entity instances while evaulating the EntityInstanceCountConstraintExpression type constraint. By default, these resources are not included as part of evaluating the count expression |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ConstraintGlobalConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ConstraintListResult (schema)
Paged Collection of Constraints
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Constraint list results | array of Constraint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ConstraintTarget (schema)
Resource attribute on which constraint should be applied.
Resource attribute on which constraint should be applied.
Example - sourceGroups attribute of Edge CommunicationEntry to be
restricted, is given as:
{
"target_resource_type":"CommunicationEntry",
"attribute":"sourceGroups",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}
| Name | Description | Type | Notes |
|---|---|---|---|
| attribute | Attribute name of the target entity. | string | |
| path_prefix | Path prefix of the entity to apply constraint.
Path prefix of the entity to apply constraint. It should be a valid string prefix for policy path. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. For multi-tenancy path-prefixes (i.e. path starting with /orgs) following values are supported: 1. When constraint is created under '/infra/constraints/' OR under '/orgs/ value is supported. 2. When constraint is created under custom project i.e. '/orgs/ then '/orgs/ |
string | |
| target_resource_type | Resource type of the target entity. This is required in case the
constraint expressions do not specify target resource type.
Target resource type accepts input as DTO Type and or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type as SecurityPolicy.Rule. |
string |
ConstraintValue (schema)
Base class for each value configuration
All the types of value extend from this abstract class. This
is present for extensibility.
This is an abstract type. Concrete child types:
CidrArrayConstraintValue
IntegerArrayConstraintValue
StringArrayConstraintValue
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | string | Required Enum: StringArrayConstraintValue, CidrArrayConstraintValue, IntegerArrayConstraintValue |
ContainerApplication (schema)
Container application within a project
Container application within a project.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_ips | List of cluster IPs The IPv4 and IPv6 clusterIPs of the container application. |
array of IPAddress | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this container application belongs to. |
string | Readonly |
| container_project_id | Identifier of the project Identifier of the project which this container application belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container application Identifier of the container application on container cluster e.g. PCF app id, k8s service id. |
string | Required |
| load_balancer_ingress | List of load-balancer ingress points Specifies list of load-balancer ingress points |
array of ContainerLoadBalancerIngress | |
| network_errors | Network errors List of network errors related to container application. |
array of NetworkError | |
| network_status | Network status of container application Network status of container application. |
string | Enum: HEALTHY, UNHEALTHY |
| node_port_local_endpoints | List of NodePortLocalEndpoint Specifies list of local endpoint, when service is NodePortLocal. |
array of NodePortLocalEndpoint | |
| origin_properties | Origin properties Array of additional specific properties of container application in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerApplication | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| service_ports | List of service port Specifies list of service port. |
array of ContainerServicePort | |
| status | Status of the container application Status of the container application. |
string | Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Type of container application | string | Enum: CLUSTER_IP, NODE_PORT, LOAD_BALANCER, EXTERNAL_NAME |
ContainerApplicationInstance (schema)
Container Application Instance
Container application instance within a project.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_node_id | Cluster node id Cluster node id where application instance is running. |
string | |
| container_application_ids | Identifiers of the container application List of identifiers of the container application. |
array of string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this application instance belongs to. |
string | Readonly |
| container_project_id | Identifier of the project Identifier of the container project which this container application instance belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container application instance Identifier of the container application instance on container cluster. |
string | Required |
| network_errors | Network errors List of network errors related to container application instance. |
array of NetworkError | |
| network_status | Network status of container application instance Network status of container application instance. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container application instance in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerApplicationInstance | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| status | Status of the container application instance Status of the container application instance. |
string | Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerApplicationInstanceGroupAssociationRequestParams (schema)
List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path
List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| pod_id | ContainerApplicationInstance | string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerApplicationInstanceListRequestParameters (schema)
Container application instance list parameters
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_application_id | Identifier of the container application Identifier of the container application. |
string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| container_project_id | Identifier of the container project Identifier of the container project. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerApplicationInstanceListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Applications | array of ContainerApplicationInstance | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerApplicationListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Applications | array of ContainerApplication | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerCluster (schema)
Container cluster
Details of container cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cluster_ip_ranges | List of cluster IP range In case of Kubernetes container cluster, it specifies CIDRs that will be assigned to services created on Kubernetes. |
array of IPCIDRBlock | Maximum items: 2 |
| cluster_type | Type of the container cluster Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request. |
string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, WCP_Guest, AKS, EKS, TKGm, TKGi, GKE, Gardener, Rancher, TAS, SupervisorCluster, WorkloadCluster, Other |
| cni_type | CNI type for container cluster Specifies Container Network Interface type for container cluster. |
string | Enum: NCP, Antrea, Other Default: "Other" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container cluster External identifier of the container cluster. |
string | |
| infrastructure | Details of infrastructure for the container cluster Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request. |
ContainerInfrastructureInfo | |
| network_errors | Network errors List of network errors related to container cluster. |
array of NetworkError | |
| network_status | Network status of container cluster Network status of container cluster. |
string | Enum: HEALTHY, UNHEALTHY |
| node_port_local_range | Node port local range Specifies the port range to be used for NodePortLocal services. |
string | Format: port-or-range |
| node_port_range | Node port range In case of Kubernetes container cluster, it specifies port range to be used for Kubernetes services created with the type NodePort. |
string | Format: port-or-range |
| origin_properties | Origin properties Array of additional specific properties of container cluster in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerCluster | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| supervisor_project_id | Supervisor ContainerProject identifier for cluster Specifies supervisor container project identifier for cluster. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerClusterFilterParameters (schema)
Container cluster filter parameter
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerClusterListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| status | Container cluster status | TnContainerStatusType |
ContainerClusterListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Clusters | array of ContainerCluster | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterNode (schema)
Container cluster node
Details of container cluster node i.e. container host.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cni_agent_status | CNI agent status of container cluster node Specifies Container Network Interface agent status of container cluster node. |
string | Enum: HEALTHY, UNHEALTHY |
| container_cluster_id | External identifier of the container cluster External identifier of the container cluster. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container cluster node External identifier of the container cluster node in K8S/PAS. |
string | Required |
| external_ip_addresses | List of external ip address of Node Specifies list of external ip address of Node. |
array of IPAddress | |
| ip_addresses | IP Addresses of Node List of IP addresses of container cluster node. |
array of IPAddress | |
| network_errors | Network errors List of network errors related to container cluster node. |
array of NetworkError | |
| network_status | Network status of container cluster node Network status of container cluster node. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container cluster node in key-value format. |
array of KeyValuePair | |
| pod_cidrs | List of CIDR of container application instance In case of Kubernetes container cluster, it represents the IP ranges assigned to the node for usage by Pod on that node. |
array of IPCIDRBlock | |
| provider_id | Provider id of container node Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine. |
string | |
| resource_type | Must be set to the value ContainerClusterNode | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerClusterNodeListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of container cluster nodes | array of ContainerClusterNode | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterPropertiesFilterParameters (schema)
Container cluster filter parameter by cluster properties
Request object, containing multiple cluster properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_type | Type of container cluster This is the type of container cluster. |
string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, WCP_Guest, AKS, EKS, TKGm, TKGi, GKE, Gardener, Rancher, TAS, Other |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| infra_type | Type of infrastructure This is the type of container's infrastructure. |
string | Enum: vSphere, AWS, Azure, Google, VMC, KVM, Baremetal |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| detail | Detail information on status Detail information on status. |
string | |
| interval | Container cluster status check interval Display the cluster check interval in seconds. |
int | Readonly Minimum: 60 Maximum: 600 |
| status | Container cluster status Display the container cluster status. |
TnContainerStatusType |
ContainerClusterStatusList (schema)
List of the Container cluster
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Container cluster list Container cluster list. |
array of ContainerClusterSummary | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerClusterSummary (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | Required Readonly |
| cluster_name | Container cluster name Display the container cluster name |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| detail | Detail information on status Detail information on status. |
string | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ContainerClusterSummary | string | |
| status | Container cluster status Display the container cluster status. |
TnContainerStatusType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| type | Container cluster type Container cluster type. |
ContainerClusterType |
ContainerClusterType (schema)
Container cluster type
| Name | Description | Type | Notes |
|---|---|---|---|
| ContainerClusterType | Container cluster type | string | Enum: PAS, PKS, Kubernetes, Openshift, WCP, Other |
ContainerConfiguration (schema)
Container that holds widgets
Represents a container to group widgets that belong to a common category or have a common purpose.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| header | Header | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| labels | Labels Labels for the container. |
array of Label | Minimum items: 0 |
| layout | Layout of widgets inside container Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied. This property is deprecated. Now the layout inside the container can be taken care with the help of 'rowspan' and 'colspan' property. |
Layout | Deprecated |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. |
string | Maximum length: 1024 |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value ContainerConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
| widgets | Widgets held by the container If not specified, creates an empty container. |
array of WidgetItem | Minimum items: 0 |
ContainerEgress (schema)
Container Egress
Details of Container Egress.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this egress belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| egress_ip | Container egress IP Container egress IP. |
string | Format: ip |
| external_id | External identifier of the container egress Identifier of the container egress. |
string | Required |
| origin_properties | Origin properties Array of additional specific properties of container egress in key-value format. e.g. key can be externalIPPool, value is a string |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerEgress | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container egress specification This specifies yaml definition of ContainerEgress resource. e.g. yaml definition of kubernetes egress resource. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerEgressListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of ContainerEgress Specifies list of container egress. |
array of ContainerEgress | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerGateway (schema)
Container gateway
A Gateway describes how traffic can be translated to Services
within the container cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| addresses | List of addresses bound to gateway Specifies addresses which lists the IP addresses that have actually been bound to the gateway. |
array of ContainerGatewayAddress | |
| container_cluster_id | Identifier of the container cluster Specifies identifier of the container cluster of this container gateway. |
string | |
| container_project_id | Identifier of the container project Specifies identifier of the container project of this container gateway. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container gateway Specifies identifier of the container gateway. |
string | Required |
| listeners | List of listener Specifies list of listeners which defines logical endpoints that are bound on this Gateway's addresses. |
array of ContainerGatewayListener | |
| origin_properties | Origin properties Array of additional specific properties of container ip pool in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerGateway | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container gateway specification This specifies yaml definition of ContainerGateway resource. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerGatewayAddress (schema)
Container gateway address
Specifies an address that can be bound to a container gateway.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | Address of container gateway Specifies address of container gateway. |
string | Maximum length: 255 |
| type | Type of gateway address Specifies type of gateway address. e.g. Hostname, IPAddress, NamedAddress. |
string | Enum: HOST_NAME, IP_ADDRESS, NAMED_ADDRESS |
ContainerGatewayListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Gateway | array of ContainerGateway | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerGatewayListener (schema)
Container gateway listener
Listener embodies the concept of a logical endpoint where a Gateway accepts
network connections.
| Name | Description | Type | Notes |
|---|---|---|---|
| hostname | Hostname of gateway listener Specifies the virtual hostname to match for protocol type. |
string | Maximum length: 255 |
| name | Name of gateway listener Specifies name of gateway listener |
string | Maximum length: 255 |
| port | Port of gateway listener Specifies network port of gateway. |
integer | Minimum: 0 Maximum: 65535 |
| protocol | Protocol of gateway listener Specifies the network protocol this listener expects to receive. e.g. HTTP,HTTPS,TCP, TLS, UDP. |
string | Enum: HTTP, HTTPS, TCP, TLS, UDP |
ContainerInfrastructureInfo (schema)
Details of container infrastructure
Details of infrastructure hosting the container cluster
e.g. vSphere, AWS, VMC etc..
| Name | Description | Type | Notes |
|---|---|---|---|
| infra_type | Type of the infrastructure Type of the infrastructure. |
string | Required Enum: vSphere, AWS, Azure, Google, VMC, KVM, Baremetal |
ContainerIngressPolicy (schema)
Container Ingress Policy
Details of Container Ingress Policy.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_application_ids | Identifiers of the container application List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes. |
array of string | |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this ingress policy belongs to. |
string | |
| container_project_id | Identifier of the project Identifier of the project which this container ingress belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container ingress policy Identifier of the container ingress policy. |
string | Required |
| load_balance_ingress | List of container loadbalancer ingress Specifies list for ingress points for the load balancer. |
array of ContainerLoadBalancerIngress | |
| network_errors | Network errors List of network errors related to container ingress. |
array of NetworkError | |
| network_status | Network status of container ingress Network status of container ingress. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container ingress in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerIngressPolicy | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container ingress policy specification Container ingress policy specification. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerIngressPolicyListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Ingress Policy specs | array of ContainerIngressPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerIpPool (schema)
Container Ip Pool
Details of Container Ip Pool.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Specifies identifier of the container cluster this container ip pool belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container ip pool Specifies identifier of the container ip pool. |
string | Required |
| ip_ranges | List of IP ranges with subnet details Specifies list of SubnetIpRange, which is a set of contiguous IP addresses, represented by a CIDR or a pair of start and end IPs, along with subnet definition. |
array of SubnetIpRange | |
| ip_version | IP version of ContainerIpPool Specifies IP version of container IP pool. |
integer | Enum: 4, 6 |
| origin_properties | Origin properties Array of additional specific properties of container ip pool in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerIpPool | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container ip pool specification This specifies yaml definition of ContainerIpPool resource. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerIpPoolListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container IP Pool | array of ContainerIpPool | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerListRequestParameters (schema)
Realization list request params
List request params for the pass through type api that get data from the Antrea Cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| cluster_id | Cluster ID ID of the cluster to query |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerLoadBalancerIngress (schema)
Ingress point for load balancer
It represents the status of a load-balancer ingress point.
| Name | Description | Type | Notes |
|---|---|---|---|
| hostname | Hostname of load-balance ingress point Hostname is set for load-balancer ingress points that are DNS based. |
string | Maximum length: 255 |
| ip | IP of load-balancer ingress point IP is set for load-balancer ingress points that are IP based. |
string | Format: ip |
| ports | List of PortStatus Ports is a list of records of service points. |
array of PortStatus |
ContainerNetworkPolicy (schema)
Container Network Policy
Network policy applied to container.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster this network policy belongs to. |
string | |
| container_project_id | Identifier of the project Identifier of the project which this network policy belongs to. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container network policy Identifier of the container network policy. |
string | Required |
| network_errors | Network errors List of network errors related to container network policy. |
array of NetworkError | |
| network_status | Network status of container network policy Network status of container network policy. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container network policy in key-value format. |
array of KeyValuePair | |
| policy_type | Type Type e.g. Network Policy, ASG. |
string | Enum: NETWORK_POLICY, ASG, ACNP, ANP |
| resource_type | Must be set to the value ContainerNetworkPolicy | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| spec | Container network policy specification Container network policy specification. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerNetworkPolicyListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Container Network Policy specs | array of ContainerNetworkPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerObjectsListRequestParameters (schema)
Container objects list parameters
Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.
| Name | Description | Type | Notes |
|---|---|---|---|
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster. |
string | |
| container_project_id | Identifier of the container project Identifier of the container project. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| scope_id | Scope id for container cluster Specifies scope id for container cluster. Default value is same as identifier of the cluster. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ContainerProject (schema)
Container project within a container cluster
Details of org/namespace within a container cluster.
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| container_cluster_id | Identifier of the container cluster Identifier of the container cluster to which this project/namespace belongs. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External identifier of the container project External identifier of the container project. |
string | Required |
| network_errors | Network errors List of network errors related to container project. |
array of NetworkError | |
| network_status | Network status of container project Network status of container project. |
string | Enum: HEALTHY, UNHEALTHY |
| origin_properties | Origin properties Array of additional specific properties of container project in key-value format. |
array of KeyValuePair | |
| resource_type | Must be set to the value ContainerProject | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ContainerProjectListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of projects | array of ContainerProject | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ContainerServicePort (schema)
Details of service port
Specifices details of port exposed by service.
| Name | Description | Type | Notes |
|---|---|---|---|
| name | Name of port Specifies name of port within the service. |
string | |
| node_port | Node port of container application In case of Kubernetes container cluster, it is port on each node on which the service is exposed, when type of service is NodePort or LoadBalancer. |
integer | Minimum: 0 Maximum: 65535 |
| port | Port of service Specifies port exposed by the service |
integer | Minimum: 0 Maximum: 65535 |
| protocol | IP protocol of port Specifies IP protocol of the port. e.g. TCP, UDP, SCTP. |
string | Enum: TCP, UDP, SCTP |
| target_port | Target port of service Specifies the number or name of port to access on container application instance by the container application. e.g. It is number or name of port to access of pod by service. |
string | Maximum length: 15 |
ContentFilterValue (schema)
Support bundle content filter allowed values
| Name | Description | Type | Notes |
|---|---|---|---|
| ContentFilterValue | Support bundle content filter allowed values | string | Enum: ALL, DEFAULT, REMOVE_CORE_FILES, EAL4_AUDIT |
ContextProfileAttributesMetadata (schema)
Key value structure for holding metadata of context profile attributes
| Name | Description | Type | Notes |
|---|---|---|---|
| key | Key for metadata | string | Required |
| value | Value for metadata key | string | Required |
ContinueMigrationRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| skip | Skip to migration of next component. | boolean | Default: "False" |
ContinueRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| component_type | Component to upgrade. Hints NSX to upgrade a specific component. |
string | |
| skip | Skip to upgrade of next component. | boolean | Default: "False" |
ControlClusterNodeStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_status | Status of this node's connection to the control cluster | ClusteringStatus | Readonly |
| mgmt_connection_status | Status of this node's management plane connection | MgmtConnStatus | Readonly |
ControlConnStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_node_ip | IP address of the control Node. | string | Required Readonly |
| failure_status | Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT. | string | Readonly Enum: CONNECTION_REFUSED, INCOMPLETE_HOST_CERT, INCOMPLETE_CONTROLLER_CERT, CONTROLLER_REJECTED_HOST_CERT, HOST_REJECTED_CONTROLLER_CERT, KEEP_ALIVE_TIMEOUT, OTHER_SSL_ERROR, OTHER_ERROR |
| status | Status of the control Node for e.g UP, DOWN. | string | Required Readonly Enum: UP, DOWN |
ControllerClusterRoleConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| control_cluster_listen_addr | The IP and port for the control cluster service on this node | ServiceEndpoint | Readonly |
| control_plane_listen_addr | The IP and port for the control plane service on this node | ServiceEndpoint | Readonly |
| host_msg_client_info | MsgClientInfo | ||
| mpa_msg_client_info | MsgClientInfo | ||
| type | Type of this role configuration | string | Required Readonly Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig |
ControllerClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| status | The current status of the controller cluster | string | Readonly Enum: NO_CONTROLLERS, UNSTABLE, DEGRADED, STABLE, UNKNOWN |
ControllerNodeAggregateInfo (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 |
| id | Unique identifier of this resource | string | Readonly |
| node_interface_properties | Array of Node interface statistic properties | array of NodeInterfaceProperties | Readonly |
| node_interface_statistics | Array of Node network interface statistic properties | array of NodeInterfaceStatisticsProperties | Readonly |
| node_status | ClusterNodeStatus | Readonly | |
| node_status_properties | Time series of the node's system properties | array of NodeStatusProperties | |
| role_config | ControllerClusterRoleConfig | Readonly |
ControllerProfilerProperties (schema)
Controller profiler properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| enabled | True for enabling controller profiler,
False for disabling controller profiler. |
boolean |
CookiePersistenceModeType (schema) (Deprecated)
cookie persistence mode
If the persistence cookie is found in the incoming request, value of the
cookie is used to identify the server that this request should be sent to.
If the cookie is not found, then the server selection algorithm is used to
select a new server to handle that request.
Three different modes of cookie persistence are supported: insert, prefix
and rewrite.
In cookie insert mode, a cookie is inserted by load balancer in the HTTP
response going from server to client.
In cookie prefix and rewrite modes, server controls the cookie and load
balancer only manipulates the value of the cookie. In prefix mode, server's
cookie value is prepended with the server IP and port and then sent to the
client. In rewrite mode, entire server's cookie value is replaced with the
server IP and port in the response before sending it to the client.
| Name | Description | Type | Notes |
|---|---|---|---|
| CookiePersistenceModeType | cookie persistence mode If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client. |
string | Deprecated Enum: INSERT, PREFIX, REWRITE |
CookieTimeType (schema) (Deprecated)
Snat translation type
Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting
| Name | Description | Type | Notes |
|---|---|---|---|
| CookieTimeType | Snat translation type Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting |
string | Deprecated Enum: LbSessionCookieTime, LbPersistenceCookieTime |
CopyFromRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| preserve_file_properties | Preserve file properties flag | boolean | Default: "True" |
| protocol | Protocol to use to copy file | Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol |
Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^.+$" |
| uri | URI of file to copy | string | Required |
CopyRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| preserve_file_properties | Preserve file properties flag | boolean | Default: "True" |
| server | Remote server hostname or IP address | string | Required Pattern: "^.+$" |
| uri | URI of file to copy | string | Required |
CopyToRemoteFileProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| preserve_file_properties | Preserve file properties flag | boolean | Default: "True" |
| protocol | Protocol to use to copy file Only scp and sftp may be used. |
Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol |
Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^.+$" |
| uri | URI of file to copy | string | Required |
CoreCountByEdition (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| features_in_use | Feature in use within product family Feature in use within product family. If there is ATP feature found on any host/edge, all features on it will be listed in ATP product family. |
array of string | Readonly |
| product_family | Product Family Product Family |
string | Readonly |
| raw_core_count_by_type | Raw Core Counts by core type Raw cores counts by type of cores used in license edition. |
RawCoreCount | Readonly |
| total_licensed_core_count | Total Licensed core count across features Total Licensed core count across features. |
string | Readonly |
| total_raw_core | Total raw raw core count across features Total raw raw core count across features. |
string | Readonly |
CoreCountByFeature (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| licensed_core_count | Licensed Core Counts Licensed Core Counts. |
FeatureUsages | Readonly |
| raw_core_counts | Feature Usage Feature Usage. |
FeatureUsages | Readonly |
CoreDumpConfig (schema)
Node core dump config
Node core dump config
| Name | Description | Type | Notes |
|---|---|---|---|
| global_file_limit | Core dump file persistence config global limit | integer | Minimum: 0 Default: "2" |
| global_frequency_threshold | Core dump files frequency threshold config in seconds, set 0 to disable | integer | Minimum: 0 Default: "600" |
| process_config | Core dump config per process limit | array of CoreDumpProcessConfig |
CoreDumpProcessConfig (schema)
Core dump process config
| Name | Description | Type | Notes |
|---|---|---|---|
| limit | Core dump process limit | integer | Required |
| process_name | Core dump process name | string | Required |
CorfuCertificateExpiryCheckProperties (schema)
Corfu Certificate Expiry Check Properties
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Current Status of Corfu Certificate Expiry Check (enabled/disabled) | string | Required |
CountActionArgument (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| count_type | Type of count | string | Required Readonly Enum: UNI_DIRECTIONAL, BI_DIRECTIONAL, UNKNOWN |
| dest_lport | Destination logical port for bidirectional count It is required only when the type of count is bidirectional. Please keep this field aligned with the destination logical port of trace action and packet capture action config when the type of trace action and packet capture action are bidirectional. |
string | Readonly |
| reverse_filter | Packet filter for flows of interest in reverse direction It takes effect only when the type of count is bidirectional. Please keep this aligned with the packet filter of reverse direction of trace action and packet capture action config when the type of count action and packet capture action is bidirectional. |
LiveTraceFilterData (Abstract type: pass one of the following concrete types) FieldsFilterData PlainFilterData |
Readonly |
CountActionConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action_argument | The count action argument | CountActionArgument | Required |
CountObservation (schema)
This is an abstract type. Concrete child types:
BaseCountObservation
PolicyCountObservation
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Type of count observation | string | Required |
CounterResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| backward_results | Count action list results The count action results from the checkpoints traversed by packets from the destination port. |
array of CountObservation (Abstract type: pass one of the following concrete types) BaseCountObservation PolicyCountObservation |
|
| forward_results | Count action list results The count action results from the checkpoints traversed by packets from the source port. |
array of CountObservation (Abstract type: pass one of the following concrete types) BaseCountObservation PolicyCountObservation |
CounterTypesParameter (schema)
Parameters to define returned counter types
| Name | Description | Type | Notes |
|---|---|---|---|
| type | type Counter type query parameters. |
string |
CpuCoreConfigForEnhancedNetworkingStackSwitch (schema) (Deprecated)
Enhanced Networking Stack CPU configuration
Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.
| Name | Description | Type | Notes |
|---|---|---|---|
| num_lcores | Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node | int | Required Minimum: 1 |
| numa_node_index | Unique index of the Non Uniform Memory Access (NUMA) node | int | Required Minimum: 0 |
CpuStats (schema)
CPU core statistics
Provides the following CPU stats for a given core:
- Core ID.
- CPU type.
- Number of packets sent and received per second on the core for the last 100ms.
- Number of packets received per second from the crypto module, the KNI interface,
the slowpath threads and the other cores within the last 100ms.
- Statistics of the mega flow cache which holds flow cache key and the corresponding
flow cache actions for all the entries. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Statistics of the micro flow cache which holds a hash of the entire flow cache key
and a pointer to the mega flow cache entry. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Percentage of live CPU utilization of the core sampled within the last 60 seconds.
- Percentage of CPU utilization of the core for actual packet processing for the last
100ms.
| Name | Description | Type | Notes |
|---|---|---|---|
| core | core id CPU id |
string | Readonly |
| cpu_type | cpu type cpu type, one of datapath_core, controlpath_core and service_core |
string | Readonly Enum: datapath_core, controlpath_core, service_core Default: "controlpath_core" |
| crypto | CPU crypto packet rate The total number of packets per second (pps) received from the crypto module for the last 100ms. |
string | Readonly |
| intercore | CPU intercore packet rate The total number of packets per second (pps) received from other cores for the last 100ms. |
string | Readonly |
| kni | CPU Kernel Network Interface (KNI) packet rate The total number of packets per second (pps) received from Linux KNI interface for the last 100ms. |
string | Readonly |
| mega_flowcachestats | Mega flow cache stats Provides statistics of the mega flow cache which holds the flow cache key and the corresponding flow cache actions for all the entries. The flow cache key is the five tuples of an IP connection - src/dst IP, protocol, and src/dst ports. This will be reset on edge reboot or edge dataplane restart. |
FlowCacheStatistics | Readonly |
| micro_flowcachestats | Micro flow cache stats Provides statistics of the micro flow cache which holds a hash of the entire flow cache key and a pointer to the mega flow cache entry, where the flow cache key and actions are stored. This will be reset on edge reboot or edge dataplane restart. |
FlowCacheStatistics | Readonly |
| packet_processing_usage | Datapath CPU packet processing usage Provides the percentage of CPU utilization of the core on actual packet processing for the last 100ms. It is percentage of busy cycles vs. total cycles, where busy cycles are the cycles spent in a poll round where at least one packet was received. |
string | Readonly |
| rx | CPU Rx packet rate The total number of packets per second (pps) received from NICs for the last 100ms. |
string | Readonly |
| slowpath | CPU slowpath packet rate The total number of packets per second (pps) received from slowpath threads for the last 100ms. |
string | Readonly |
| tx | CPU Tx packet rate The total number of packets per second (pps) transmitted from NICs for the last 100ms. This also includes the packets dropped due to Tx ring full. |
string | Readonly |
| usage | CPU usage Provides the percentage of live CPU utilisation of the core sampled within the last 60 seconds. |
string | Readonly |
CpuUsage (schema)
CPU usage of DPDK and non-DPDK cores
| Name | Description | Type | Notes |
|---|---|---|---|
| avg_cpu_core_usage_dpdk | Average utilization of all DPDK cores Indicates the average usage of all DPDK cores in percentage. |
number | Readonly |
| avg_cpu_core_usage_non_dpdk | Average usage of all non-DPDK cores Indicates the average usage of all non-DPDK cores in percentage. |
number | Readonly |
| highest_cpu_core_usage_dpdk | Highest CPU utilization value among DPDK cores Indicates the highest CPU utilization value among DPDK cores in percentage. |
number | Readonly |
| highest_cpu_core_usage_non_dpdk | Highest CPU utilization value among non-DPDK cores Indicates the highest cpu utilization value among non_dpdk cores in percentage. |
number | Readonly |
CreateRemoteDirectoryProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| preserve_file_properties | Preserve file properties flag | boolean | Default: "True" |
| protocol | Protocol to use to copy file | SftpProtocol | Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^.+$" |
| uri | URI of file to copy | string | Required |
Criterion (schema)
Event Criterion
Event Criterion is the logical evaluations by which the event may
be deemed fulfilled. All the evaluations must be met in order for
the criterion to be met (implicit AND).
| Name | Description | Type | Notes |
|---|---|---|---|
| evaluations | Criterion Evaluations Criterion Evaluations. |
array of Evaluation (Abstract type: pass one of the following concrete types) SourceFieldEvaluation |
Required Minimum items: 1 |
Crl (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| crl_type | Type of CRL The type of the CRL. It can be "OneCRL" or "X509" (default). |
string | Enum: OneCRL, X509 Default: "X509" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| details | Details of the X509Crl object. | X509Crl | Readonly |
| details_revoked_by_issuer_and_serial_number | Certificates revoked by issuer and serial number | array of IssuerSerialNumber | Readonly |
| details_revoked_by_subject_and_public_key_hash | Certificates revoked by subject and public key hash | array of SubjectPublicKeyHash | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| one_crl | JSON-encoded OneCRL-like object | string | |
| pem_encoded | PEM encoded CRL data. | string | |
| resource_type | Must be set to the value Crl | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlDistributionPoint (schema)
Reference to a CRL Distribution Point where to fetch a CRL
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cdp_uri | CDP URI CRL Distribution Point URI where to fetch the CRL. |
string | Required Readonly Maximum length: 255 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| issuer | Issuer Issuer of the CRL, referring to the CA. |
string | Required Readonly Maximum length: 255 |
| resource_type | Must be set to the value CrlDistributionPoint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlDistributionPointList (schema)
CrlDistributionPoint query result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CrlDistributionPoint list. | array of CrlDistributionPoint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CrlDistributionPointStatus (schema)
Reference to a CRL Distribution Point where to fetch a CRL
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Error Message Error message when fetching the CRL failed. |
string | Readonly |
| status | Status Status of the fetched CRL for this CrlDistributionPoint |
CdpStatusType | Required Readonly |
CrlList (schema)
Crl queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CRL list. | array of Crl | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CrlObjectData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| crl_type | Type of CRL The type of the CRL. It can be "OneCRL" or "X509" (default). |
string | Enum: OneCRL, X509 Default: "X509" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| one_crl | JSON-encoded OneCRL-like object | string | |
| pem_encoded | PEM encoded CRL data. | string | |
| resource_type | Must be set to the value CrlObjectData | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CrlPemRequestType (schema)
Request Type to get a CRL's PEM file.
| Name | Description | Type | Notes |
|---|---|---|---|
| cdp_uri | CDP URI CRL Distribution Point URI where to fetch the CRL. |
string | Required Readonly Maximum length: 255 |
CrossSiteFlowInfo (schema)
Information about config flow in federation
Represents details of the config flow between sites.
Federation has the following flows
- Global Manager to Local Manager (GM -> LM)
- Local Manager to Glocal Manager (LM -> GM)
- Global Manager Active to Glocal Manager Standby (GM -> GM)
- Local Manager to Local Manager (LM -> LM)
| Name | Description | Type | Notes |
|---|---|---|---|
| from_site_id | Site id of the source | string | |
| from_site_path | Source site policy path | string | |
| full_sync_info | Full sync information for the flow | FullSyncInfo | |
| latency_measured_ts | Timestamp of latency measurement | integer | |
| latency_millis | Latency from source to destination site in milli seconds | integer | |
| leader_node_id | Local leader node id sharded for this remote site. | string | |
| status | Overall status of the flow | string | Enum: GOOD, DISCONNECTED, RECOVERY, ERROR, UNKNOWN, NOT_READY |
| to_site_id | Site id of the destination | string | |
| to_site_path | Destination site policy path | string |
CryptoAlgorithm (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| key_size | Supported key sizes for the algorithm. | array of KeySize | Required Readonly |
| name | Crypto algorithm name. | string | Required Readonly |
CryptoEnforcement (schema)
Action for crypto enforcement
If enforced and if TLS protocol Client/Server Hello has none of the
permitted TLS versions or ciphers then the connection is immediately terminated.
| Name | Description | Type | Notes |
|---|---|---|---|
| CryptoEnforcement | Action for crypto enforcement If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated. |
string | Readonly Enum: ENFORCE, TRANSPARENT |
CspConfig (schema)
CSP authentication configuration
Extra OIDC configuration relevant only for CSP endpoints.
| Name | Description | Type | Notes |
|---|---|---|---|
| additional_org_ids | Additional orginzation IDs A list of organization IDs. CSP tokens must be associated with one of these organizations, or the customer_org_id, in order to be considered valid. |
array of string | |
| customer_org_id | Customer organization ID | string |
Csr (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| algorithm | Cryptographic algorithm (asymmetric) used by the public key for data encryption. | string | Enum: RSA, EC Default: "RSA" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| extensions | X509 extensions to add X509 v3 extensions to be added to a CSR. |
CsrExtensions | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| is_ca | Whether the CSR is for a CA certificate. | boolean | Default: "False" |
| key_size | Size measured in bits of the public key used in a cryptographic algorithm. | integer | Default: "4096" |
| pem_encoded | PEM encoded certificate data. | string | Readonly |
| resource_type | Must be set to the value Csr | string | |
| subject | The certificate owner's information. (CN, O, OU, C, ST, L) | Principal | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CsrExtensions (schema)
Collection of various x509 v3 extensions to be added to a CSR
| Name | Description | Type | Notes |
|---|---|---|---|
| subject_alt_names | Subject alternative names Subject alternative names of the CSR |
SubjectAltNames | Readonly |
CsrList (schema)
Csr queries result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | CSR list. | array of Csr | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
CsrWithDaysValid (schema)
CSR data with days valid
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| algorithm | Cryptographic algorithm (asymmetric) used by the public key for data encryption. | string | Enum: RSA, EC Default: "RSA" |
| days_valid | Number of days the certificate will be valid, default 825 days | integer | Default: "825" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| extensions | X509 extensions to add X509 v3 extensions to be added to a CSR. |
CsrExtensions | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| is_ca | Whether the CSR is for a CA certificate. | boolean | Default: "False" |
| key_size | Size measured in bits of the public key used in a cryptographic algorithm. | integer | Default: "4096" |
| pem_encoded | PEM encoded certificate data. | string | Readonly |
| resource_type | Must be set to the value CsrWithDaysValid | string | |
| subject | The certificate owner's information. (CN, O, OU, C, ST, L) | Principal | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
CsvListResult (schema)
Base type for CSV result.
| Name | Description | Type | Notes |
|---|---|---|---|
| file_name | File name File name set by HTTP server if API returns CSV result as a file. |
string |
CsvRecord (schema)
Base type for CSV records.
| Name | Description | Type | Notes |
|---|---|---|---|
| CsvRecord | Base type for CSV records. | object |
CurrentBackupOperationStatus (schema)
Current backup operation status
| Name | Description | Type | Notes |
|---|---|---|---|
| backup_id | Unique identifier of current backup | string | |
| current_step | Current step of operation | string | Enum: BACKUP_CREATING_CLUSTER_BACKUP, BACKUP_CREATING_NODE_BACKUP |
| current_step_message | Additional human-readable status information about current step | string | |
| end_time | Time when operation is expected to end | EpochMsTimestamp | |
| operation_type | Type of operation that is in progress. Returns none if no operation is in progress, in which case none of the other fields will be set. | string | Enum: NONE, BACKUP |
| start_time | Time when operation was started | EpochMsTimestamp |
CurrentRealizationStateBarrier (schema)
The current global barrier number of the realized state
| Name | Description | Type | Notes |
|---|---|---|---|
| current_barrier_number | Gives the current global barrier number for NSX | integer | Required Readonly |
CustomAttributeAction (schema)
Request Parameters for Custom Context Profile Attributes
Request Parameter which specify action to either add or remove the custom values.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Add or Remove Custom Context Profile Attribute values. Action parameter determines whether to add or remove Custom Context Profile Attribute values. |
string | Required Enum: add, remove |
CustomFilterWidgetConfiguration (schema)
Custom Filter widget Configuration
Represents configuration for custom filter widget. For this widget the data source is not applicable. It defines ui identifer for filter UI component and render it on dashboard view. This configuration can only be used for system owned widgets.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alias | Alias to be used when emitting filter value Alias to be used when emitting filter value. |
string | |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value CustomFilterWidgetConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| ui_component_identifier | UI identifier for filter component to be rendered inside view/container User defined filter component selector to be rendered inside view/container. |
string | Required |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
CustomSignatureModification (schema)
IDS raw signatures
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| overridden_signature | overridden custom signature Overridden custom signature. |
OverriddenSignature | |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| raw_signature | IDS raw signature IDS raw signature. |
string | |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CustomSignatureModification | string | |
| signature_id | IDS custom signature ID IDS custom signature ID. |
string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CustomSignatureValidationPayload (schema)
IDS raw signatures
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| deleted_signatures | List of deleted custom signature paths List of deleted custom signature paths. Paths should be of type IdsCustomSignaturePreview. As the Validate action is only supported on Preview Signatures. |
array of string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| modified_signatures | IDS custom signature modification collection IDS custom signature modification collection. |
array of CustomSignatureModification | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value CustomSignatureValidationPayload | string | |
| revert_overridden_signatures | List of custom signature ids that need to be reverted to default action/state List of custom signature ids that need to be reverted to default action/state. |
array of string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
CustomWidgetConfiguration (schema)
Custom widget Configuration
Represents configuration for custom widget. For this widget the data source is not applicable. It defines ui identifer to identify UI component and render it on dashboard view. This configuration can only be used for system owned widgets.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value CustomWidgetConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| ui_component_identifier | UI identifier for component to be rendered inside view/container User defined component selector to be rendered inside view/container. |
string | |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
CvxConnectionInfo (schema)
CVX Connection Info
Credential info to connect to a CVX type of enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_address | Enforcement Point Address Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be "10.192.1.1" - On an NSX-T MP running on custom port, the value could be "192.168.1.1:32789" - On an NSX-T MP in VMC deployments, the value could be "192.168.1.1:5480/nsxapi" |
string | Required |
| password | Password Password. |
secure_string | Required |
| resource_type | Must be set to the value CvxConnectionInfo | string | Required Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo, AviConnectionInfo |
| thumbprint | Thumbprint of Enforcement Point Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. |
string | |
| username | Username Username. |
secure_string | Required |
DADMode (schema)
DAD Mode
Duplicate address detection modes.
| Name | Description | Type | Notes |
|---|---|---|---|
| DADMode | DAD Mode Duplicate address detection modes. |
string | Enum: LOOSE, STRICT |
DADProfile (schema)
Duplicate address detection profile.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| dad_mode | DAD Mode | DADMode | Default: "LOOSE" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ns_retries | NS retries count Number of Neighbor solicitation packets generated before completing the Duplicate address detection process. |
integer | Minimum: 0 Maximum: 10 Default: "3" |
| resource_type | Must be set to the value DADProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| wait_time | Wait time The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message. |
integer | Minimum: 0 Maximum: 60 Default: "1" |
DADProfileListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DADProfile | array of DADProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DADStatus (schema)
DAD Status
Duplicate address detection status for IP address on port.
| Name | Description | Type | Notes |
|---|---|---|---|
| DADStatus | DAD Status Duplicate address detection status for IP address on port. |
string | Enum: DUPLICATED, TENTATIVE, ASSIGNED, NOT_APPLICABLE, UNKNOWN |
DHGroup (schema)
Diffie-Hellman groups
Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit random ECP group.
GROUP21 uses 521-bit random ECP group.
| Name | Description | Type | Notes |
|---|---|---|---|
| DHGroup | Diffie-Hellman groups Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit random Elliptic Curve (ECP) group. GROUP20 uses 384-bit random ECP group. GROUP21 uses 521-bit random ECP group. |
string | Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21 |
DNSForwarderStatisticsPerEnforcementPoint (schema)
DNS forwarder statistics per enforcement point
DNS forwarder statistics per enforcement point.
This is an abstract type. Concrete child types:
NsxTDNSForwarderStatistics
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_path | Enforcement point path Policy path referencing the enforcement point from where the statistics are fetched. |
string | Readonly |
| resource_type | string | Required Enum: NsxTDNSForwarderStatistics |
DNSForwarderStatusPerEnforcementPoint (schema)
DNS forwarder status per enforcement point
DNS forwarder status per enforcement point.
This is an abstract type. Concrete child types:
NsxTDNSForwarderStatus
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_path | Enforcement point path Policy path referencing the enforcement point from where the status is fetched. |
string | Readonly |
| resource_type | string | Required Enum: NsxTDNSForwarderStatus |
DSAppliedToType (schema)
Resource type valid for use as AppliedTo filter in section API
| Name | Description | Type | Notes |
|---|---|---|---|
| DSAppliedToType | Resource type valid for use as AppliedTo filter in section API | string | Enum: NSGroup, LogicalSwitch, LogicalRouter, LogicalPort |
DSExcludeList (schema)
Exclusion List
List of entities excluded for enforcing a service or a feature.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| member_count | Total Member Count Total number of members present in Exclude List. |
integer | Readonly |
| members | Member list List of members in Exclusion List |
array of ResourceReference | Required Maximum items: 1000 |
| resource_type | Must be set to the value DSExcludeList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DSInsertParameters (schema)
Parameters to tell where rule/section need to be added. All the params take rule/section Id.
| Name | Description | Type | Notes |
|---|---|---|---|
| id | Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. | string | Maximum length: 64 |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
DSListRequestParameters (schema)
Parameters to filter list of sections/rules.
Pagination and Filtering parameters to get only a subset of sections/rules.
| Name | Description | Type | Notes |
|---|---|---|---|
| applied_tos | AppliedTo's referenced by this section or section's Distributed Service Rules . Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| destinations | Destinations referenced by this section's Distributed Service Rules . The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| filter_type | Filter type Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria. |
string | Enum: FILTER, SEARCH Default: "FILTER" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| services | NSService referenced by this section's Distributed Service Rules . Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| sources | Sources referenced by this section's Distributed Service Rules . The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string |
DSRule (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _owner | Owner of this resource | OwnerResourceLink | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| action | Action Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures. |
string | Required Enum: ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT, DETECT, ALLOW_CONTINUE, DETECT_PREVENT |
| applied_tos | AppliedTo List List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destinations | Destination List List of the destinations. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| destinations_excluded | Negation of destination Negation of the destination. |
boolean | Default: "False" |
| direction | Rule direction Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Rule enable/disable flag Flag to disable rule. Disabled will only be persisted but never provisioned/realized. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Identifier of the resource | string | Readonly |
| ip_protocol | IPv4 vs IPv6 packet type Type of IP packet that should be matched while enforcing the rule. |
string | Enum: IPV4, IPV6, IPV4_IPV6 Default: "IPV4_IPV6" |
| is_default | Default rule Flag to indicate whether rule is default. |
boolean | Readonly |
| logged | Enable logging flag Flag to enable packet logging. Default is disabled. |
boolean | Default: "False" |
| notes | Notes User notes specific to the rule. |
string | Maximum length: 2048 |
| priority | Rule priority Priority of the rule. |
integer | Readonly |
| resource_type | Must be set to the value DSRule | string | |
| rule_tag | Tag User level field which will be printed in CLI and packet logs. |
string | Maximum length: 32 |
| sources | Source List List of sources. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| sources_excluded | Negation of source Negation of the source. |
boolean | Default: "False" |
DSRuleState (schema)
Rule Realization State
Rule Realization State
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| revision_desired | Desired state revision number This attribute represents revision number of rule's desired state. |
integer | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
DSSection (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| applied_tos | AppliedTo List List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo. |
array of ResourceReference | Maximum items: 128 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| is_default | Default section flag It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section. |
boolean | Readonly |
| resource_type | Must be set to the value DSSection | string | |
| rule_count | Rule count Number of rules in this section. |
integer | Readonly |
| section_type | Section Type Type of the rules which a section can contain. Only homogeneous sections are supported. |
string | Required Enum: LAYER2, LAYER3, L3REDIRECT, IDS |
| stateful | Stateful nature of the distributed service rules in the section. Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless. |
boolean | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DSSectionListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DSSectionQueryParameters (schema)
Section query parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cascade | Flag to cascade delete of this object to all it's child objects. | boolean | Default: "False" |
DSSectionState (schema)
Section Realization State
Section Realization Status
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| revision_desired | Section's desired state revision number This attribute represents revision number of section's desired state. |
integer | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
DSService (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| is_valid | Target validity Will be set to false if the referenced NSX resource has been deleted. |
boolean | Readonly |
| service | Distributed Service Network and Security Service element Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService. |
NSServiceElement (Abstract type: pass one of the following concrete types) ALGTypeNSService EtherTypeNSService ICMPTypeNSService IGMPTypeNSService IPProtocolNSService L4PortSetNSService |
|
| target_display_name | Target display name Display name of the NSX resource. |
string | Readonly Maximum length: 255 |
| target_id | Target ID Identifier of the NSX resource. |
string | Maximum length: 64 |
| target_type | Target type Type of the NSX resource. |
string | Maximum length: 255 |
DVSConfig (schema) (Deprecated)
The DVS Configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| host_infra_traffic_res | Resource allocation associated with NiocProfile host_infra_traffic_res specifies bandwidth allocation for various traffic resources. |
array of ResourceAllocation | |
| lacp_group_configs | Array of Link Aggregation Control Protocol (LACP) configuration It contains information about VMware specific multiple dynamic LACP groups. |
array of LacpGroupConfigInfo | |
| lldp_send_enabled | Enabled or disabled sending LLDP packets | boolean | Default: "False" |
| mtu | Maximum Transmission Unit used for uplinks | int | Minimum: 1600 |
| name | The DVS name | string | Required |
| uplink_port_names | Uplink port names Names of uplink ports for this DVS. |
array of string | Required Minimum items: 1 |
| uuid | The DVS uuid | string |
DailyTelemetrySchedule (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| frequency_type | Must be set to the value DailyTelemetrySchedule | string | Required |
| hour_of_day | Hour at which data will be collected Hour at which data will be collected. Specify a value between 0 through 23. |
integer | Required Minimum: 0 Maximum: 23 |
| minutes | Minute at which data will be collected Minute at which data will be collected. Specify a value between 0 through 59. |
integer | Minimum: 0 Maximum: 59 Default: "0" |
DashboardSummaryListRequestQueryParameters (schema)
Query parameters passed to the dashboard APIs
Represents the query parameters, such as the tenancy context and the pagination
properties, that the dashboard APIs (ids-summary, affected-vms) accept.
| Name | Description | Type | Notes |
|---|---|---|---|
| context | TenancyContextQueryParameter | ||
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DataCounter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dropped | The dropped packets or bytes | integer | |
| multicast_broadcast | The multicast and broadcast packets or bytes | integer | |
| total | The total packets or bytes | integer | Required |
DataPathL3 (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| arp_hold_pkt_drops | The drops of packet(IPv4) pending on ARP resolution. | integer | |
| drop_route_ipv4_drops | Packet(IPv4) matching drop routes. | integer | |
| drop_route_ipv6_drops | Packet(IPv6) matching drop routes. | integer | |
| no_route_ipv4_drops | No IPv4 routes. | integer | |
| no_route_ipv6_drops | No IPv6 routes. | integer | |
| ns_hold_pkt_drops | The drops of packet(IPv6) pending on neighbor resolution. | integer | |
| pkt_attr_error_drops | Packets which failed attribute operation. | integer | |
| rpf_ipv4_drops | Reverse path forwarding drops of packet(IPv4). | integer | |
| rpf_ipv6_drops | Reverse path forwarding drops of packet(IPv6). | integer | |
| rx_pkt_parsing_error_drops | Packets failed to be parsed. | integer | |
| ttl_ipv4_drops | Packet(IPv4) drops due to low TTL. | integer | |
| ttl_ipv6_drops | Packet(IPv6) drops due to low TTL. | integer | |
| tx_dispatch_queue_too_long_drops | Packets being tail dropped in the txDispatchQueue. | integer |
DataSourceParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| source | The data source, either realtime or cached. If not provided, cached data is returned. | DataSourceType |
DataSourceType (schema)
Data source type.
| Name | Description | Type | Notes |
|---|---|---|---|
| DataSourceType | Data source type. | string | Enum: realtime, cached |
DataTypeCollectionConfiguration (schema)
Data type collection configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| collection_frequency | Data Collection Frequency In Seconds The frequency in seconds at which data is collected |
integer | Required Minimum: 15 Maximum: 86400 |
| data_type | Data type Defines the type of data being collected |
string | Required Enum: STATUS, STATISTICS |
DatapathCounterResult (schema)
Datapath counter result
The datapath counter result.
| Name | Description | Type | Notes |
|---|---|---|---|
| module_counters | The counters of the datapath module The data of the datapath module counters. |
array of DatapathModuleCounter | Required Readonly |
| module_name | The name of the datapath module The name of the datapath module (e.g., VDL2, VDR). |
string | Required Readonly |
DatapathModuleCounter (schema)
The counter of the datapath module
The counter of the datapath module.
| Name | Description | Type | Notes |
|---|---|---|---|
| counter_name | The name of the counter The name of the counter. |
string | Required Readonly |
| counter_value | The value of the counter The value of the counter. |
integer | Required Readonly |
DatapathPacketDrops (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| broadcast_rate_limiting_packet_drops | Drops due to broadcast rate limiting. | integer | |
| fastpath_packet_drops | Drops by the Fastpath. | integer | |
| firewall_flood_limit_packet_drops | Firewall flood limit drops. | integer | |
| firewall_internal_error_packet_drops | Drops due to Firewall detected internal error. | integer | |
| firewall_malformed_packet_drops | Drop due to Firewall detected malformed packet. | integer | |
| firewall_packet_rejects | Drops due to Firewall packet rejects. | integer | |
| firewall_rule_received_packet_drops | Firewall rule drops at RX. | integer | |
| firewall_rule_transmitted_packet_drops | Firewall rule drops at TX. | integer | |
| firewall_scrx_packet_drops | Firewall scrx packet drops. | integer | |
| firewall_state_check_packet_drops | Firewall state check drops. | integer | |
| firewall_state_table_full_packet_drops | Drops due to Firewall state table full. | integer | |
| firewall_total_packet_drops | Firewall total packet drops. | integer | |
| hostswitch_network_mismatch_packet_drops | RX Drops at vswitch due to network mismatch. | integer | |
| hostswitch_received_forged_mac_packet_drops | RX drops at vswtich due to forged mac. | integer | |
| l3_hop_limit_packet_drops | L3 Drops due to hop limit (TTL). | integer | |
| l3_neighbor_unreachable_packet_drops | L3 Drops due to unreachable neighbor. | integer | |
| l3_no_route_packet_drops | L3 Drops due to no route. | integer | |
| l3_reverse_path_forwarding_packet_drops | L3 drops due to reverse path forwarding. | integer | |
| overlay_received_packet_drops | Overlay RX drops. | integer | |
| overlay_transmitted_packet_drops | Overlay TX drops. | integer | |
| overlay_uplink_received_packet_drops | Overlay uplink RX drops. | integer | |
| overlay_uplink_transmitted_packet_drops | Overlay uplink TX drops. | integer | |
| packet_parsing_error_drops | Drops due to parsing errors. | integer | |
| spoof_guard_packet_drops | Drops due to spoofguard. | integer | |
| workload_bpdu_filter_packet_drops | Drops due to BPDU filtering. | integer | |
| workload_dhcp_not_allowed_packet_drops | Drops due to workload DHCP not allowed. | integer | |
| workload_ipv6_ra_guard_packet_drops | Drops due to workload ipv6 router advertisement guard. | integer |
DatapathStatsActionArgument (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| datapath_stats_type | Type of datapath statistics action Type of datapath statistics action. UNI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port. BI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port and the destination logical port, respectively. |
string | Required Readonly Enum: UNI_DIRECTIONAL, BI_DIRECTIONAL |
| dest_lport | Destination logical port for bidirectional datapath statistics action It is required only when the type of datapath statistics action is bidirectional. |
string | Readonly |
| reverse_filter | Packet filter for flows of interest in reverse direction It takes effect only when the type of datapath statistics action is bidirectional. |
LiveTraceFilterData (Abstract type: pass one of the following concrete types) FieldsFilterData PlainFilterData |
Readonly |
DatapathStatsActionConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action_argument | Action argument for datapath statistics Action argument for datapath statistics. |
DatapathStatsActionArgument | Required Readonly |
| sampling_argument | Sample argument for datapath statistics Only first-N sampling is supported and the maximum sampling number is 65535. |
SamplingArgument (Abstract type: pass one of the following concrete types) FirstNSampling IntervalSampling PacketNumberSampling |
Readonly |
DatapathStatsResult (schema)
Datapath statistics action result
The datapath statistics action result.
| Name | Description | Type | Notes |
|---|---|---|---|
| direction | Direction of datapath statistics action result | string | Readonly Enum: FORWARD, REVERSE |
| transport_node_datapath_stats | Datapath statistics for transport nodes The datapath statistics for transport nodes. |
array of TransportNodeDatapathStats | Readonly |
Datasource (schema)
Datasource Instance
An instance of a datasource configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Datasource instance's display name Name of a datasource instance. |
string | Required Maximum length: 255 |
| keystore_info | Key Store Info Key Store information for all the url aliases defined in datasource. Use this property if key store information is same for each url aliases in the datasource. |
KeyStoreInfo | |
| urls | Array of relative urls and their aliases Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance. |
array of UrlAlias | Required |
DatetimeUTC (schema)
Datetime string in UTC
Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'
| Name | Description | Type | Notes |
|---|---|---|---|
| DatetimeUTC | Datetime string in UTC Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ' |
string |
DecryptionFailAction (schema)
TLS handshake fail action
Action to take when TLS handshake fails.
| Name | Description | Type | Notes |
|---|---|---|---|
| DecryptionFailAction | TLS handshake fail action Action to take when TLS handshake fails. |
string | Readonly Enum: BLOCK, BYPASS |
DedicatedResources (schema)
Dedicated Resources to Project for Logging
To assign dedicated resources from default project to custom project for logging.
Resources dedicated to this project for logging cannot be dedicated to other projects.
| Name | Description | Type | Notes |
|---|---|---|---|
| tier_0s | Array of Tier0s paths or label path dedicated to this Project for logging. Logs for Tier0s mentioned will have this project's context. Tier0s or labels mentioned under dedicated_resources should also be part of tier_0s under project payload. Label should have reference of Tier0 path. |
array of string |
DefaultFilterValue (schema)
Default filter values
An instance of a datasource configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| alias | Filter alias Filter alias. |
string | Required |
| value | Filter default value Filter default value. |
string | Required |
DeleteMigrationDataFileSpec (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| federation_site_id | Id of the site in NSX-T Federation Id of the site in NSX-T Federation |
string | |
| file_type | Type of the Migration data file that needs to be deleted. | string | Required Enum: VRA_INPUT, EDGE_CUTOVER_MAPPING, BYOT_L3_MAPPING, AVI_LB_MAPPING |
DeleteRemoteDirectoryProperties (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| directory_path | Directory Path Directory Path which needs to be retained |
string | |
| port | Server port | integer | Minimum: 1 Maximum: 65535 |
| preserve_file_properties | Preserve file properties flag | boolean | Default: "True" |
| protocol | Protocol to use to delete directory Protocol to use to delete directory |
SftpProtocol | Required |
| server | Remote server hostname or IP address | string | Required Pattern: "^.+$" |
| uri | URI of file to copy | string | Required |
DeleteRequestParameters (schema)
Parameters that affect how delete operations are processed
| Name | Description | Type | Notes |
|---|---|---|---|
| force | Force delete the resource even if it is being used somewhere
If true, deleting the resource succeeds even if it is being referred as a resource reference. |
boolean | Default: "False" |
DependentServices (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dependent_services | List of firewall dependent services List of firewall dependent services. |
array of string |
DeploymentChecksAction (schema)
Deployment checks
Pre/Post deployment checks.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Pre/post deployment checks Run pre/post deployment checks. PRE_CHECKS - Run pre-check before deployment. POST_CHECKS - Run post-check after deployment. ABORT_CHECKS - Abort running pre/post deployement checks. |
string | Required Enum: PRE_CHECKS, POST_CHECKS, ABORT_CHECKS |
DeploymentChecksExecutionRequired (schema)
Request for pre/post checks execution required or not
Request for pre/post checks execution required or not.
| Name | Description | Type | Notes |
|---|---|---|---|
| form_factor | Deployment form factor Form factor in use for deployment. |
FormFactorType | Required |
DeploymentChecksExecutionRequiredResult (schema)
Result for pre/post checks execution required or not
Result for pre/post checks execution required or not.
| Name | Description | Type | Notes |
|---|---|---|---|
| is_required | Flag for pre/post checks required Flag for pre/post checks execution required or not. |
boolean | Default: "True" |
DeploymentChecksStatus (schema)
Pre/Post deployment status
Pre/Post deployment status.
| Name | Description | Type | Notes |
|---|---|---|---|
| description | More detail about check Show more information about pre/post check performed. |
string | |
| name | Name of pre/post check | string | |
| reason | Reason in case of pre/post check failure Reason for failure of pre/post check. Otherwise empty. |
string | |
| status | Status of pre/post checks Status pre/post check. SUCCESS - Successfully completed pre/post check. FAILED - Failed pre/post check. WARNING - Warning in pre/post check. SKIPPED - Pre/post check skipped. IN_PROGRESS - Pre/post check in progress. STOPPING - Stopping pre/post check. STOPPED - Pre/post check stopped. NOT_STARTED - Pre/post check not started |
string | Enum: SUCCESS, FAILED, WARNING, SKIPPED, IN_PROGRESS, STOPPING, STOPPED, NOT_STARTED |
DeploymentChecksStatusResult (schema)
Status of pre/post checks
List of pre/post checks status.
| Name | Description | Type | Notes |
|---|---|---|---|
| results | Array of pre/post deployment checks Array of pre/post deployment checks. |
array of DeploymentChecksStatus |
DeploymentConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| placement_type | string | Required Enum: VsphereDeploymentConfig |
DeploymentProgressStatus (schema)
Progress status of deployment/undeployment/upgrade
Progress status of deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Error message Errors during deployment. |
array of string | |
| overall_status | Progress status of deployment Progress status of deployment. DEPLOYMENT_IN_PROGRESS - Deployment in progress. UNDEPLOYMENT_IN_PROGRESS - Undeployment in progress. UPGRADE_IN_PROGRESS - Upgrade in progress. UPDATE_IN_PROGRESS - Update in progress. DEPLOYMENT_QUEUED - Deployment queued. UNDEPLOYMENT_QUEUED - Undeployment queued. UPDATE_QUEUED - Update queued. DEPLOYMENT_SUCCESSFUL - Deployment successful. UNDEPLOYMENT_SUCCESSFUL - Undeployment successful. UPGRADE_SUCCESSFUL - Upgrade successful. UPDATE_SUCCESSFUL - Update successful. DEPLOYMENT_FAILED - Deployment failed. UNDEPLOYMENT_FAILED - Undeployment failed. UPGRADE_FAILED - Upgrade failed. UPDATE_FAILED - Update failed. NOT_DEPLOYED - Deployment pending. |
string | Required Enum: DEPLOYMENT_IN_PROGRESS, UNDEPLOYMENT_IN_PROGRESS, UPGRADE_IN_PROGRESS, UPDATE_IN_PROGRESS, DEPLOYMENT_QUEUED, UNDEPLOYMENT_QUEUED, UPDATE_QUEUED, DEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_SUCCESSFUL, UPGRADE_SUCCESSFUL, UPDATE_SUCCESSFUL, DEPLOYMENT_FAILED, UNDEPLOYMENT_FAILED, UPGRADE_FAILED, UPDATE_FAILED, NOT_DEPLOYED |
| percentage | Percentage completed Percentage completed for deployment. |
integer | |
| progress_message | Progress message More information about progress. |
string |
DeploymentRegistry (schema)
NSX Application Platform registry template
Template for storing docker registry and helm url.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| certificate_id | Private CA or Self Signed Certificate ID. Helm repo certificate to access locally hosted helm repository |
string | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildDeploymentRegistry |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| docker_registry | Docker registry url Docker registry url to access docker images. |
string | Required |
| helm_repo | Helm repo url Helm repo url to access helm charts. |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DeploymentRegistry | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DeploymentSpecName (schema)
Deployment spec to be used in upgrade
Used to provide the deployment spec for Upgrade.
| Name | Description | Type | Notes |
|---|---|---|---|
| deployment_spec_name | Deployment Spec Name This indicates the deployment spec. |
string | Required Readonly |
| storage_id | Storage Id Moref of the datastore in VC. |
string | Readonly |
DeploymentTemplate (schema)
Service Deployment Template
Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX.
| Name | Description | Type | Notes |
|---|---|---|---|
| attributes | Deployment Template attributes List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. |
array of Attribute | Maximum items: 128 |
| name | name Deployment Template name. |
string |
DeploymentVersionSpec (schema)
Deployment version
Deployment version with chart name
| Name | Description | Type | Notes |
|---|---|---|---|
| chart_name | Chart name Deployment chart name. |
string | |
| versions | Deployment versions List of deployment versions. |
string |
DeploymentVersions (schema)
List of deployment versions
Different NSX Application Platform deployment versions.
| Name | Description | Type | Notes |
|---|---|---|---|
| versions | Deployment versions List of deployment versions. |
array of DeploymentVersionSpec |
DeploymentZone (schema) (Deprecated)
Deployment zone
Logical grouping of enforcement points.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use Site.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildEnforcementPoint |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enforcement_points | Logical grouping of enforcement points | array of EnforcementPoint | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DeploymentZone | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DeploymentZoneListRequestParameters (schema) (Deprecated)
DeploymentZone list request parameters
DeploymentZone list request parameters.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListRequestParameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DeploymentZoneListResult (schema) (Deprecated)
Paged Collection of Deployment Zones
Paged Collection of Deployment Zones.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListResult.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Deployment Zones | array of DeploymentZone | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DestinationNsxApiEndpoint (schema)
Destination NSX manager details
Details about the destination NSX manager for the migration
| Name | Description | Type | Notes |
|---|---|---|---|
| destination_nsx_ip | Destination NSX IP ddress or host name IP address or host name of the destination NSX manager to which the config will be migrated. |
string | Required Format: hostname-or-ip |
| destination_nsx_password | Password for destination NSX manager Valid password for connecting to the destination NSX manager. |
secure_string | |
| destination_nsx_port | Destination NSX manager port Destination NSX manager port that will be used to apply details. |
int | Default: "443" |
| destination_nsx_username | Username for destination NSX manager Valid username for connecting to the destination NSX manager. |
string |
DetachClusterParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| force | string | Enum: true, false | |
| graceful-shutdown | string | Enum: true, false Default: "false" |
|
| ignore-repository-ip-check | string | Enum: true, false Default: "false" |
DfwDropCounters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rx_dropped | Number of received packets dropped by firewall. The number of received packets dropped by distributed firewall rules due to rule actions. |
integer | |
| tx_dropped | Number of sent packets dropped by firewall. The number of sent packets dropped by distributed firewall rules due to rule actions. |
integer |
DfwFirewallConfiguration (schema)
DFW Firewall related configurations
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildIdsSettings ChildPolicyExcludeList |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| disable_auto_drafts | Auto draft deactivate flag To deactivate auto drafts, set it to true. By default, auto drafts are enabled. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_firewall | Firewall enable flag If set to true, Firewall is enabled. |
boolean | Default: "True" |
| global_addrset_mode_enabled | A flag to indicate if global address set is enabled in DFW When this flag is set to true, global address set is enabled in Distributed Firewall. |
boolean | Default: "True" |
| global_macset_optimization_mode_enabled | Global MACSet Optimization Flag MACSet optimization is turned on when this flag is set to true. By default it is set to false. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| idfw_enabled | Identity firewall enable flag If set to true, identity firewall is enabled. |
boolean | Default: "False" |
| idfw_event_log_scraper_enabled | Enable event log scraping Enables event log scraping for Identity firewall. |
boolean | Default: "False" |
| idfw_loginsight_enabled | Enable Loginsight server for Identity Firewall If set to true, collection of login/logout events from Loginsight server is enabled. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DfwFirewallConfiguration | string | Required Enum: DfwFirewallConfiguration |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DfwHeapMemoryUsage (schema)
DFW heap memory usage
Distributed Firewall heap memory utilization.
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description of the DFW module Description of the DFW module. |
string | Readonly |
| name | Name of the DFW module Name of the DFW heap on specified host. |
string | Readonly |
| total_mb | Total size of heap for the specified heap in mb units Total size of heap for the specified heap in mb units. |
integer | Readonly |
| usage_pct | Percentage of heap utilized for specific heap Percentage of heap utilized for specific heap. |
number | Readonly |
| used_mb | Utilized size of heap for the specified heap in mb units Utilized size of heap for the specified heap in mb units. |
integer | Readonly |
DhGroup (schema)
Diffie-Hellman groups
Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1048-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit Random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit Random ECP group.
GROUP21 uses 521-bit Random ECP group.
| Name | Description | Type | Notes |
|---|---|---|---|
| DhGroup | Diffie-Hellman groups Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group. |
string | Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21 |
DhcpConfig (schema)
DHCP configuration
DHCP config.
This dhcp configuration can be overriden per subnet.
| Name | Description | Type | Notes |
|---|---|---|---|
| dhcp_relay_config_path | DHCP relay config path Policy path of DHCP-relay-config. If configured then all the subnets will be configured with the DHCP relay server. If not specified, then the local DHCP server will be configured for all connected subnets. |
string | |
| dns_client_config | Dns client configuration Dns configuration |
DnsClientConfig | |
| enable_dhcp | Activate or Deactivate DHCP If activated, the DHCP server will be configured based on IP address type. If deactivated then neither DHCP server nor relay shall be configured. |
boolean |
DhcpDeleteLeaseRequestParameters (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| ip | IPAddress | Required | |
| mac | MACAddress | Required |
DhcpDeleteLeases (schema)
List of DHCP leases to be deleted
| Name | Description | Type | Notes |
|---|---|---|---|
| leases | List of DHCP leases | array of DhcpDeleteLeaseRequestParameters | Required Minimum items: 1 Maximum items: 100 |
DhcpFilter (schema) (Deprecated)
DHCP filtering configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| client_block_enabled | Indicates whether DHCP client blocking is enabled | boolean | Required |
| server_block_enabled | Indicates whether DHCP server blocking is enabled | boolean | Required |
| v6_client_block_enabled | Indiactes whether DHCP v6 client blocking is enabled | boolean | Default: "False" |
| v6_server_block_enabled | Indiactes whether DHCP V6 server blocking is enabled | boolean | Default: "False" |
DhcpHeader (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| op_code | Message op code / message type This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY. |
string | Enum: BOOTREQUEST, BOOTREPLY Default: "BOOTREQUEST" |
DhcpIpPool (schema) (Deprecated)
DHCP ip-pool
DHCP ip-pool to define dynamic ip allocation ranges.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allocation_ranges | Ip-ranges Ip-ranges to define dynamic ip allocation ranges. |
array of IpPoolRange | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| error_threshold | Error threshold, valid [80-100], default 100 Error threshold. Alert will be raised if the pool usage reaches the given threshold. |
integer | Minimum: 80 Maximum: 100 Default: "100" |
| gateway_ip | Gateway ip Gateway ip address of the allocation. |
IPAddress | |
| id | Unique identifier of this resource | string | Sortable |
| lease_time | Lease time Lease time, in seconds, [60-(2^32-1)]. Default is 86400. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| options | DHCP options If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level. |
DhcpOptions | |
| resource_type | Must be set to the value DhcpIpPool | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| warning_threshold | Warning threshold, valid [50-80], default 80 Warning threshold. Alert will be raised if the pool usage reaches the given threshold. |
integer | Minimum: 50 Maximum: 80 Default: "80" |
DhcpIpPoolListResult (schema) (Deprecated)
A list of DHCP ip pools
A paginated list of DHCP ip pools.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DHCP ip pools A paginated list of DHCP ip pools. |
array of DhcpIpPool | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpIpPoolUsage (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocated_number | allocated number. COULD BE INACCURATE, REFERENCE ONLY. | integer | Required |
| allocated_percentage | allocated percentage. COULD BE INACCURATE, REFERENCE ONLY. | integer | Required |
| dhcp_ip_pool_id | uuid of dhcp ip pool | string | Required |
| pool_size | pool size | integer | Required |
DhcpLeasePerIP (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| expire_time | expire time of the lease | string | |
| ip_address | ip address of client | string | Required |
| lease_time | lease time of the ip address, in seconds | string | |
| mac_address | mac address of client | string | Required |
| start_time | start time of lease | string | Required |
| subnet | subnet of client network | string |
DhcpLeaseRequestParameters (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| address | can be an ip address, or an ip range, or a mac address | string | |
| pool_id | The uuid of dhcp ip pool | string | |
| source | The data source, either realtime or cached. If not provided, cached data is returned. | DataSourceType |
DhcpLeases (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| dhcp_server_id | dhcp server uuid | string | |
| ipv6_leases | The ipv6 lease info list of the server | array of DhcpV6Lease | Minimum items: 0 Maximum items: 65535 |
| leases | The lease info list of the server | array of DhcpLeasePerIP | Minimum items: 0 Maximum items: 65535 |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
| timestamp | timestamp of the lease info | EpochMsTimestamp |
DhcpLeasesResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| connectivity_path | Policy path to Segment, Tier0 or Tier1 gateway Policy path to Segment, Tier0 or Tier1 gateway where DHCP server is attached. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| dhcp_server_id | dhcp server uuid | string | |
| ipv6_leases | The ipv6 lease info list of the server | array of DhcpV6Lease | Minimum items: 0 Maximum items: 65535 |
| leases | The lease info list of the server | array of DhcpLeasePerIP | Minimum items: 0 Maximum items: 65535 |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
| timestamp | timestamp of the lease info | EpochMsTimestamp |
DhcpOption121 (schema) (Deprecated)
DHCP option 121
DHCP option 121 to define classless static route.
| Name | Description | Type | Notes |
|---|---|---|---|
| static_routes | DHCP classless static routes Classless static route of DHCP option 121. |
array of ClasslessStaticRoute | Required Minimum items: 1 Maximum items: 27 |
DhcpOptions (schema) (Deprecated)
DHCP options
Define DHCP options of the DHCP service.
| Name | Description | Type | Notes |
|---|---|---|---|
| option121 | Option 121 DHCP option 121 to define classless static routes. Once Option 121 was defined, Option 249 will be auto-generated because they are equivalent. |
DhcpOption121 | |
| others | Generic DHCP options other than option 121 To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time |
array of GenericDhcpOption | Minimum items: 0 Maximum items: 255 |
DhcpProfile (schema) (Deprecated)
DHCP profile to specify edge cluster and members
DHCP profile to specify edge cluster and members on which the dhcp server
will run. A DhcpProfile can be referenced by different logical DHCP servers.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| edge_cluster_id | Edge cluster uuid Edge cluster uuid on which the referencing logical DHCP server runs. |
string | Required |
| edge_cluster_member_indexes | Edge node indexes The Edge nodes on which the DHCP servers run. If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If only one edge node is provided, the DHCP servers will run without HA support. |
array of integer | Minimum items: 0 Maximum items: 2 |
| enable_standby_relocation | Flag to enable standby DHCP server relocation Flag to enable the auto-relocation of standby DHCP Service in case of edge node failure. Only tier 1 and auto placed DHCP servers are considered for the relocation. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value DhcpProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpProfileListResult (schema) (Deprecated)
A list of DHCP profiles
A paginated list of DHCP profiles.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DHCP profiles A paginated list of logical DHCP profiles. |
array of DhcpProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpRelayConfig (schema)
DHCP relay configuration
DHCP relay configuration.
Please note, the realized-state of this entity returned by the
"GET /policy/api/v1/infra/realized-state/realized-entity" with this entity
policy-path is irrelevant with the application status of this entity.
Please do not rely on this returned realized-state to determine how this
dhcp-relay-config was applied. The dhcp realization information was
reflected in the realization states of the referencing Segment or T0/T1
gateway.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DhcpRelayConfig | string | |
| server_addresses | DHCP relay addresses DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported. |
array of IPAddress | Required Maximum items: 8 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DhcpRelayConfigListResult (schema)
Paged collection of DhcpRelayConfigs
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | DhcpRelayConfig results | array of DhcpRelayConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpRelayProfile (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value DhcpRelayProfile | string | |
| server_addresses | array of IPAddress | Required | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpRelayProfileListResult (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Dhcp relay profile list results | array of DhcpRelayProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpRelayService (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| dhcp_relay_profile_id | dhcp relay profile referenced by the dhcp relay service | string | Required |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value DhcpRelayService | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpRelayServiceListResult (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Dhcp relay service list results | array of DhcpRelayService | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpServerConfig (schema)
DHCP server configuration
DHCP server configuration.
Please note, the realized-state of this entity returned by the
"GET /policy/api/v1/infra/realized-state/realized-entity" with this entity
policy-path is irrelevant with the application status of this entity.
Please do not rely on this returned realized-state to determine how this
dhcp-server-config was applied. The dhcp realization information was
reflected in the realization states of the referencing Segment or T0/T1
gateway.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| edge_cluster_path | Edge cluster path or label of type PolicyEdgeCluster The reference to the edge cluster using the policy path of the edge cluster or label of type PolicyEdgeCluster. Auto assigned if only one edge cluster is configured on enforcement-point. Modifying edge cluster will reallocate DHCP server to the new edge cluster. Please note that re-allocating edge-cluster will result in losing of all exisitng DHCP lease information. Change edge cluster only when losing DHCP leases is not a real problem, e.g. cross-site migration or failover and all client hosts will be reboot and get new IP addresses. |
string | |
| enable_standby_relocation | Stand-By Relocation If no "preferred-edge-paths" were defined, and the "enable-standby-relocation"=true, once a new edge-node was added to the edge-cluster, the stand-by node of the DHCP could possibly be moved to another edge-node. But there is no guarantee that the stand-by will be moved. Please note, if the dhcp-server-config was applied to a gateway, and this gateway has defined its own edge-cluster and preferred edge-nodes, then the edge-cluster and nodes defined in dhcp-server-config will be ignored. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| lease_time | IP address lease time in seconds IP address lease time in seconds. |
integer | Deprecated Minimum: 60 Maximum: 4294967295 Default: "86400" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| preferred_edge_paths | Edge node path Policy paths to edge nodes on which the DHCP servers run. The first edge node is assigned as active edge, and second one as stanby edge. If only one edge node is specified, the DHCP servers will run without HA support. When this property is not specified, edge nodes are auto-assigned during realization of the DHCP server. |
array of string | Maximum items: 2 |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DhcpServerConfig | string | |
| server_address | DHCP server address in CIDR format DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. This property is deprecated, use server_addresses instead. Both properties cannot be specified together with different new values. |
string | Deprecated Format: ip-cidr-block |
| server_addresses | DHCP server address in CIDR format DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. Prefix length should be less than or equal to 30 for IPv4 address family and less than or equal to 126 for IPv6. When not specified, IPv4 value is auto-assigned to 100.96.0.1/30. Ignored when this object is configured at a Segment. |
array of string | Maximum items: 2 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DhcpServerConfigListResult (schema)
Paged collection of DhcpServerConfigs
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | DhcpServerConfig results | array of DhcpServerConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpServerLeaseRequestParameters (schema)
DHCP server lease request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| address | IP or MAC address IP address, IP range or MAC address to retrieve specific lease information. Either a "address" or a "segment_path" can be provided, but not both in the same call. |
string | |
| connectivity_path | String Path of Tier0, Tier1 or Segment String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point Enforcement point path. Required when multiple enforcement points are configured. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| segment_path | Segment path to retrieve lease information Segment path to retrieve lease information. Either a "address" or a "segment_path" can be provided, but not both in the same call. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| source | The data source The data source, either realtime or cached. If not provided, cached data is returned. |
DataSourceType |
DhcpServerRequestParameters (schema)
DHCP server list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| connectivity_path | String Path of Tier0, Tier1 or Segment String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration. |
string | Required |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point Enforcement point path. Required when multiple enforcement points are configured. |
string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DhcpServerState (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
DhcpServerStatistics (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| acks | The total number of DHCP ACK packets | integer | Required |
| declines | The total number of DHCP DECLINE packets | integer | Required |
| dhcp_server_id | dhcp server uuid | string | Required |
| discovers | The total number of DHCP DISCOVER packets | integer | Required |
| errors | The total number of DHCP errors | integer | Required |
| informs | The total number of DHCP INFORM packets | integer | Required |
| ip_pool_stats | The DHCP ip pool usage statistics | array of DhcpIpPoolUsage | |
| nacks | The total number of DHCP NACK packets | integer | Required |
| offers | The total number of DHCP OFFER packets | integer | Required |
| releases | The total number of DHCP RELEASE packets | integer | Required |
| requests | The total number of DHCP REQUEST packets | integer | Required |
| timestamp | timestamp of the statistics | EpochMsTimestamp | Required |
DhcpServerStatus (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_node | uuid of active transport node | string | Required |
| error_message | Error message, if available | string | |
| service_status | UP means the dhcp service is working fine on both active transport-node
and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down. |
string | Required Enum: UP, DOWN, ERROR, NO_STANDBY |
| stand_by_node | uuid of stand_by transport node. null if non-HA mode | string |
DhcpStaticBinding (schema) (Deprecated)
DHCP static binding
DHCP static binding to define a static ip allocation.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_ip | Gateway ip Gateway ip address of the allocation. |
IPAddress | |
| host_name | Host name The host name to be assigned to the host. |
string | Format: hostname |
| id | Unique identifier of this resource | string | Sortable |
| ip_address | Ip address The ip address to be assigned to the host. |
IPAddress | Required |
| lease_time | Lease time Lease time, in seconds, [60-(2^32-1)]. Default is 86400. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| mac_address | MAC address The MAC address of the host. |
MACAddress | Required |
| options | DHCP options If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level. |
DhcpOptions | |
| resource_type | Must be set to the value DhcpStaticBinding | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpStaticBindingConfig (schema)
Base class for DHCP options
DHCP IPv4 and IPv6 static bindings are extended from this abstract class.
This is an abstract type. Concrete child types:
DhcpV4StaticBindingConfig
DhcpV6StaticBindingConfig
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DhcpStaticBindingConfig | string | Required Enum: DhcpV4StaticBindingConfig, DhcpV6StaticBindingConfig |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DhcpStaticBindingConfigListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DhcpStaticBindingConfig | array of DhcpStaticBindingConfig (Abstract type: pass one of the following concrete types) DhcpV4StaticBindingConfig DhcpV6StaticBindingConfig |
Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpStaticBindingListResult (schema) (Deprecated)
A list of DHCP static bindings
A paginated list of DHCP static bindings.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DHCP static bindings A paginated list of DHCP static bindings. |
array of DhcpStaticBinding | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpStaticBindingState (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
DhcpStatistics (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| acks | The total number of DHCP ACK packets | integer | Required |
| declines | The total number of DHCP DECLINE packets | integer | Required |
| dhcp_server_id | dhcp server uuid | string | Required |
| discovers | The total number of DHCP DISCOVER packets | integer | Required |
| errors | The total number of DHCP errors | integer | Required |
| informs | The total number of DHCP INFORM packets | integer | Required |
| ip_pool_stats | The DHCP ip pool usage statistics | array of DhcpIpPoolUsage | |
| nacks | The total number of DHCP NACK packets | integer | Required |
| offers | The total number of DHCP OFFER packets | integer | Required |
| releases | The total number of DHCP RELEASE packets | integer | Required |
| requests | The total number of DHCP REQUEST packets | integer | Required |
| timestamp | timestamp of the statistics | EpochMsTimestamp | Required |
DhcpV4Options (schema)
DHCP options for IPv4 address family
DHCP options for IPv4 server.
| Name | Description | Type | Notes |
|---|---|---|---|
| option121 | DHCP option 121 DHCP option 121 to define classless static routes. |
DhcpOption121 | |
| others | Other DHCP options To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time |
array of GenericDhcpOption | Minimum items: 0 Maximum items: 255 |
DhcpV4StaticBindingConfig (schema)
DHCP static binding
DHCP IPv4 static bindings are configured for each segment.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| gateway_address | Gateway IP address When not specified, gateway address is auto-assigned from segment configuration. |
IPv4Address | |
| host_name | Host name Hostname to assign to the host. |
string | Maximum length: 63 |
| id | Unique identifier of this resource | string | Sortable |
| ip_address | IP assigned to host IP assigned to host. The IP address must belong to the subnet, if any, configured on Segment. |
IPv4Address | Required |
| lease_time | Lease time DHCP lease time in seconds. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| mac_address | MAC address of host MAC address of the host. |
MACAddress | Required |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| options | DHCP options IPv4 DHCP options. |
DhcpV4Options | |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DhcpV4StaticBindingConfig | string | Required Enum: DhcpV4StaticBindingConfig, DhcpV6StaticBindingConfig |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DhcpV6InfoBase (schema) (Deprecated)
Base type of IPv6 ip-allocation
Base type of IPv6 ip-allocation extended by ip-pool and static-binding.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_nameservers | DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| domain_names | Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property. |
array of string | |
| id | Unique identifier of this resource | string | Sortable |
| lease_time | Lease time Lease time, in seconds. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| preferred_time | Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used. |
integer | Minimum: 48 Maximum: 4294967295 |
| resource_type | Must be set to the value DhcpV6InfoBase | string | |
| sntp_servers | SNTP server ips SNTP server ips. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpV6IpPool (schema) (Deprecated)
DHCP IPv6 ip pool
DHCP IPv6 ip pool to define dynamic ip allocation ranges.
The DhcpV6IpPool would only provide stateless DHCP (domain search list,
DNS servers, SNTP servers) to client if both the ranges and excluded_ranges
are not specified.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_nameservers | DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| domain_names | Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property. |
array of string | |
| excluded_ranges | Excluded range of IPv6 addresses Excluded addresses to define dynamic ip allocation ranges. |
array of IpPoolRange | Minimum items: 0 Maximum items: 128 |
| id | Unique identifier of this resource | string | Sortable |
| lease_time | Lease time Lease time, in seconds. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| preferred_time | Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used. |
integer | Minimum: 48 Maximum: 4294967295 |
| ranges | Ip address ranges Ip address ranges to define dynamic ip allocation ranges. |
array of IpPoolRange | Minimum items: 0 Maximum items: 128 |
| resource_type | Must be set to the value DhcpV6IpPool | string | |
| sntp_servers | SNTP server ips SNTP server ips. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpV6IpPoolListResult (schema) (Deprecated)
A list of DHCP IPv6 ip pools
A paginated list of DHCP IPv6 ip pools.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DHCP IPv6 ip pools A paginated list of DHCP IPv6 ip pools. |
array of DhcpV6IpPool | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DhcpV6Lease (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| duid | DHCP unique identifier | string | Required |
| expire_time | expire time of the lease | string | |
| ia_type | identity association type | string | Required Enum: IA_INVALID, IA_NA, IA_TA, IA_PD |
| iaid | An identifier for an IA | integer | Required |
| ip_addresses | ip addresses of client | array of string | Minimum items: 0 Maximum items: 65535 |
| lease_time | lease time of the ip address, in seconds | string | |
| start_time | start time of lease | string | Required |
DhcpV6StaticBinding (schema) (Deprecated)
DHCP IPv6 static binding
DHCP IPv6 static binding to define a static ip allocation.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_nameservers | DNS ips Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| domain_names | Domain name Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property. |
array of string | |
| id | Unique identifier of this resource | string | Sortable |
| ip_addresses | Ip address list When not specified, no ip address will be assigned to client host. |
array of IPv6Address | Minimum items: 0 Maximum items: 1 |
| lease_time | Lease time Lease time, in seconds. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| mac_address | MAC address The MAC address of the host. Either client-duid or mac-address, but not both. |
MACAddress | |
| preferred_time | Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used. |
integer | Minimum: 48 Maximum: 4294967295 |
| resource_type | Must be set to the value DhcpV6StaticBinding | string | |
| sntp_servers | SNTP server ips SNTP server ips. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DhcpV6StaticBindingConfig (schema)
DHCP static binding
DHCP IPv6 static bindings are configured for each segment.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_nameservers | DNS nameservers to be set to client host When not specified, no DNS nameserver will be set to client host. |
array of string | Minimum items: 0 Maximum items: 2 |
| domain_names | Domain names to be assigned to client host When not specified, no domain name will be assigned to client host. |
array of string | |
| id | Unique identifier of this resource | string | Sortable |
| ip_addresses | IP addresses to be assigned to client host When not specified, no ip address will be assigned to client host. |
array of IPv6Address | Minimum items: 0 Maximum items: 1 |
| lease_time | Lease time Lease time, in seconds. |
integer | Minimum: 60 Maximum: 4294967295 Default: "86400" |
| mac_address | MAC address The MAC address of the client host. Either client-duid or mac-address, but not both. |
MACAddress | Required |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| preferred_time | Preferred time Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used. |
integer | Minimum: 48 Maximum: 4294967295 |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DhcpV6StaticBindingConfig | string | Required Enum: DhcpV4StaticBindingConfig, DhcpV6StaticBindingConfig |
| sntp_servers | SNTP server ips SNTP server IP addresses. |
array of IPv6Address | Minimum items: 0 Maximum items: 2 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DhcpV6StaticBindingListResult (schema) (Deprecated)
A list of DHCP IPv6 static bindings
A paginated list of DHCP IPv6 static bindings.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DHCP IPv6 static bindings A paginated list of DHCP IPv6 static bindings. |
array of DhcpV6StaticBinding | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Dhcpv6Header (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| msg_type | DHCP message type This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters. |
string | Enum: SOLICIT, ADVERTISE, REQUEST, REPLY Default: "SOLICIT" |
DirectionType (schema) (Deprecated)
port mirroring direction
| Name | Description | Type | Notes |
|---|---|---|---|
| DirectionType | port mirroring direction | string | Deprecated Enum: INGRESS, EGRESS, BIDIRECTIONAL Default: "BIDIRECTIONAL" |
DirectoryAdDomain (schema)
Active Directory Domain
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| base_distinguished_name | Directory domain base distinguished name Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. |
string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| event_log_servers | Event Log server of directory domain Directory domain Event Log server's information including host, name, protocol and so on. |
array of DirectoryEventLogServer | Readonly Maximum items: 50 |
| id | Unique identifier of this resource | string | Sortable |
| ldap_servers | LDAP server of directory domain Directory domain LDAP servers' information including host, name, port, protocol and so on. |
array of DirectoryLdapServer | Required Maximum items: 50 |
| name | Directory domain name Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. |
string | Required |
| netbios_name | Directory domain NETBIOS name NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case. |
string | Required |
| resource_type | Must be set to the value DirectoryAdDomain | string | Required Enum: DirectoryAdDomain |
| selective_sync_settings | SelectiveSync settings SelectiveSync settings toggle the SelectiveSync feature and selected OrgUnits. If this is not specified, SelectiveSync is disabled by default. |
SelectiveSyncSettings | |
| sync_settings | Directory domain sync settings Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object. |
DirectoryDomainSyncSettings | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DirectoryAdGroup (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| distinguished_name | Directory group distinguished name | string | Required |
| domain_id | Domain id Domain ID this directory group belongs to. |
string | Required |
| domain_name | Directory domain distinguished name Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. |
string | Required |
| domain_sync_node_id | Domain synchronization root node id Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set. |
string | |
| id | Unique identifier of this resource | string | Sortable |
| object_guid | Active directory group object guid GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects. |
string | Required |
| resource_type | Must be set to the value DirectoryAdGroup | string | Required |
| secure_id | Active directory group secure id A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. |
string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DirectoryDomain (schema)
Directory Domain
This is an abstract type. Concrete child types:
DirectoryAdDomain
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| event_log_servers | Event Log server of directory domain Directory domain Event Log server's information including host, name, protocol and so on. |
array of DirectoryEventLogServer | Readonly Maximum items: 50 |
| id | Unique identifier of this resource | string | Sortable |
| ldap_servers | LDAP server of directory domain Directory domain LDAP servers' information including host, name, port, protocol and so on. |
array of DirectoryLdapServer | Required Maximum items: 50 |
| name | Directory domain name Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. |
string | Required |
| resource_type | Must be set to the value DirectoryDomain | string | Required Enum: DirectoryAdDomain |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DirectoryDomainListResults (schema)
List of Directory Domain
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Directory Domains | array of DirectoryDomain (Abstract type: pass one of the following concrete types) DirectoryAdDomain |
Required Maximum items: 500 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DirectoryDomainSize (schema)
Size of Directory Domain
| Name | Description | Type | Notes |
|---|---|---|---|
| group_count | Number of groups | int | Readonly |
| group_member_count | Number of group members | int | Readonly |
| user_count | Number of users | int | Readonly |
DirectoryDomainSyncRequest (schema)
Directory domain synchronization request
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Sync type requested Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time. |
string | Required Enum: FULL_SYNC, DELTA_SYNC, STOP_SYNC |
| delay | Request to execute the sync with some delay in seconds The delay can be added to execute the sync action in the future. |
integer | Minimum: 0 Default: "0" |
DirectoryDomainSyncSettings (schema)
Domain synchronization settings
| Name | Description | Type | Notes |
|---|---|---|---|
| delta_sync_interval | Delta synchronization inverval in minutes Directory domain delta synchronization interval time between two delta sync in minutes. |
integer | Minimum: 5 Maximum: 720 Default: "180" |
| full_sync_cron_expr | Full synchronization cron expression Directory domain full synchronization schedule using cron expression. For example, cron expression "0 0 12 ? * SUN *" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync. |
string | |
| sync_delay_in_sec | Sync delay (in second). Sync delay after Directory domain has been successfully created. if delay is -1, initial full sync will not be triggered. |
int | Minimum: -1 Maximum: 600 Default: "30" |
DirectoryDomainSyncStats (schema)
Directory domain synchronization statistics
| Name | Description | Type | Notes |
|---|---|---|---|
| avg_delta_sync_time | Average time spent for all historical delta sync All the historical delta sync are counted in calculating the average delta sync time in milliseconds. |
integer | Readonly |
| avg_full_sync_time | Average time spent for all historical full sync All the historical full sync are counted in calculating the average full sync time in milliseconds. |
integer | Readonly |
| current_state | Current state of directory domain sync context Current running state of the directory domain in synchronization life cycle. It could be one of the following five states. SELECTIVE_FULL_SYNC and SELECTIVE_DELTA_SYNC are sync states for selective sync. |
string | Required Readonly Enum: IDLE, FULL_SYNC, DELTA_SYNC, SELECTIVE_FULL_SYNC, SELECTIVE_DELTA_SYNC |
| current_state_begin_time | Current state elapsed time Since what time the current state has begun. The time is expressed in millisecond epoch time. |
EpochMsTimestamp | Required Readonly |
| num_delta_sync | Total number of successful delta sync number of successful historical delta sync initiated either by system or by API request. |
integer | Readonly |
| num_full_sync | Total number of successful full sync number of successful historical full sync initiated either by system or by API request. |
integer | Readonly |
| prev_sync_end_time | Previous sync ended time Directory domain previous sync ending time expressed in millisecond epoch time. |
EpochMsTimestamp | Required Readonly |
| prev_sync_error | Previous sync error Directory domain previous sync status error if last status was failure. |
string | Readonly |
| prev_sync_status | Previous sync status Directory domain previous sync status. It could be one of the following two states. |
string | Required Readonly Enum: SUCCESS, FAILURE, UNKNOWN |
| prev_sync_type | Previous sync type Directory domain previous sync type. It could be one of the following five states. Right after the directory domain is configured, this field is set to IDLE. |
string | Required Readonly Enum: IDLE, FULL_SYNC, DELTA_SYNC, SELECTIVE_FULL_SYNC, SELECTIVE_DELTA_SYNC |
DirectoryDomanDeleteRequestParameters (schema)
Directory domain delete request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| force | Force delete the resource even if it is being used somewhere
If true, deleting the resource succeeds even if it is being referred as a resource reference. |
boolean | Default: "False" |
DirectoryEventLogServer (schema)
Event log server of directory domain
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| domain_name | Directory domain name Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. |
string | |
| host | Event log server host name Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching. |
string | Required Format: hostname-or-ip |
| id | Unique identifier of this resource | string | Sortable |
| password | Event log server password Directory event log server connection password. |
secure_string | |
| resource_type | Must be set to the value DirectoryEventLogServer | string | |
| status | Event log server connection status Event log server connection status object |
DirectoryEventLogServerStatus | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| username | Event log server username Directory event log server connection user name. |
string |
DirectoryEventLogServerStatus (schema)
Event log server connection status
| Name | Description | Type | Notes |
|---|---|---|---|
| error_message | Additional optional detail error message | string | Readonly |
| last_event_record_id | Last event record ID Last event record ID is an opaque integer value that shows the last successfully received event from event log server. |
integer | Readonly |
| last_event_time_created | Time when last event record ID was received Time of last successfully received and record event from event log server. |
EpochMsTimestamp | Readonly |
| last_polling_time | Last polling time | EpochMsTimestamp | Readonly |
| status | Current connection status of event log server Connection status: OK: All OK ERROR: Generic error |
string | Required Readonly Enum: OK, ERROR |
DirectoryGroup (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| distinguished_name | Directory group distinguished name | string | Required |
| domain_id | Domain id Domain ID this directory group belongs to. |
string | Required |
| domain_name | Directory domain distinguished name Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. |
string | Required |
| domain_sync_node_id | Domain synchronization root node id Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set. |
string | |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value DirectoryGroup | string | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DirectoryGroupListResults (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Directory group list | array of DirectoryGroup (Abstract type: pass one of the following concrete types) DirectoryAdGroup DirectoryGroup |
Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DirectoryGroupMember (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| group_distinguished_name | Group distinguished name Directory group distinguished name this group member belongs to. |
string | Required |
| group_id | Group identifier Directory group id this group member belongs to |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| member_group_distinguished_name | Member group distinguished name Directory group name this group member owns |
string | Required |
| member_group_id | Member group identifier Directory group id this group member owns |
string | Required |
| nested | Nesting flag Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id. |
boolean | Required |
| resource_type | Must be set to the value DirectoryGroupMember | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DirectoryGroupMemberListResults (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Directory group member list | array of DirectoryGroupMember | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DirectoryLdapServer (schema)
LDAP server of directory domain
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| domain_name | Directory domain name Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. |
string | |
| host | LDAP server host name Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization. |
string | Required Format: hostname-or-ip |
| id | Unique identifier of this resource | string | Sortable |
| password | LDAP server password Directory LDAP server connection password. |
secure_string | |
| port | LDAP server TCP/UDP port Directory LDAP server connection TCP/UDP port. |
integer | Default: "389" |
| protocol | LDAP server protocol Directory LDAP server connection protocol which is either LDAP or LDAPS. |
string | Enum: LDAP, LDAPS Default: "LDAP" |
| resource_type | Must be set to the value DirectoryLdapServer | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| thumbprint | LDAP server certificate thumbprint using SHA-256 algorithm Directory LDAP server certificate thumbprint used in secure LDAPS connection. |
string | |
| username | LDAP server username Directory LDAP server connection user name. |
string |
DirectoryLdapServerListResults (schema)
List of directory domain LDAP servers
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of directory domain LDAP servers | array of DirectoryLdapServer | Required Maximum items: 50 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DirectoryLdapServerStatus (schema)
Status LDAP server of directory domain
| Name | Description | Type | Notes |
|---|---|---|---|
| error_id | Error ID of the directory LDAP server status Error ID of the directory LDAP server status maintained by the NSX directory service. |
integer | |
| error_message | Error message of the directory LDAP server status Error message of the directory LDAP server status maintained by the NSX directory service. |
string |
DirectoryLdapServerTestParameters (schema)
Parameters for performing LDAP server test
| Name | Description | Type | Notes |
|---|---|---|---|
| action | LDAP server test requested Type of LDAP server test to perform. |
string | Required Enum: CONNECTIVITY |
DirectoryOrgUnit (schema)
Organization Unit
| Name | Description | Type | Notes |
|---|---|---|---|
| children | List of children Organization Units List of children Organization Units if any. |
array of DirectoryOrgUnit | Required Maximum items: 500 |
| distinguished_name | Distinguished name Distinguished name of the organization unit. |
string | Required |
| name | Organization Unit name Organization Unit name. |
string | Required |
DirectoryOrgUnitListResults (schema)
List of organization units
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of Organization Units | array of DirectoryOrgUnit | Required Maximum items: 500 |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DirectorySearchFilterValue (schema)
Searching domain entities using a matching filter value
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| filter_value | Name search filter value Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard. |
string | Required |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DisconnectBridgeWorkflowSpec (schema)
Disconnect bridge workflow spec
Disconnect bridge workflow spec.
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Bridge profile path Bridge profile path used to find the bridge config in the segment to be removed. |
string | Required |
| segment_path | Segment path Path of the segment from which the bridge config specified by the property "bridge_profile_path" will be removed. |
string | Required |
| type | Must be set to the value DisconnectBridgeWorkflowSpec | WorkflowSpecType | Required |
DiscoveredNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| boot_bank_volume_details | BOOTBANK volume Info BOOTBANK volume details for the host. |
array of BootBankVolumeInfo | |
| certificate | Certificate of the discovered node | string | |
| cm_local_id | Local Id of the discovered node in the Compute Manager | string | Required Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External id of the discovered node, ex. a mo-ref from VC | string | Required Readonly |
| hardware_id | Hardware Id of the discovered node Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx. |
string | Readonly |
| ip_addresses | IP Addresses of the the discovered node. | array of IPAddress | Required Readonly |
| node_type | Discovered Node type like Host | string | Required Readonly |
| origin_id | Id of the compute manager from where this node was discovered | string | Required Readonly |
| origin_properties | Key-Value map of additional specific properties of discovered node in the Compute Manager | array of KeyValuePair | Readonly |
| os_type | OS type of the discovered node | string | Readonly |
| os_version | OS version of the discovered node | string | Readonly |
| owner_nsx | Specifies owner nsx of the discovered node Specifies owner nsx of the discovered node. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when discovered node prepared by that nsx. OTHER applies to when discovered node prepared by other nsx. MULTIPLE applies to when discovered node tried to prepare by multiple nsx at a time. NONE applies to when discovered node is not prepared by any nsx. |
string | Readonly Enum: SELF, OTHER, MULTIPLE, NONE |
| parent_compute_collection | External id of the compute collection to which this node belongs | string | Readonly |
| patch_level | Product patch level Product patch level for the host. |
string | |
| pnic_details | PNIC details PNIC details for the host. |
array of PnicDetail | |
| resource_type | Must be set to the value DiscoveredNode | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| stateless | Specifies whether host is stateless The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true. |
boolean | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DiscoveredNodeInterfaceProperties (schema)
Discovered node network interface properties
Network interface properties of discovered node
| Name | Description | Type | Notes |
|---|---|---|---|
| connected_switch | Connected switch Switch name which is connected to nic, switch can be opaque, proxyHostSwitch or virtual |
string | |
| connected_switch_type | Type of virtual switch Type of virtual switch can be VSS, DVS or N-VDS. |
string | Enum: VSS, DVS, N-VDS |
| interface_id | Interface ID Id of the network interface |
string | |
| physical_address | Interface MAC address Mac address of the interface |
MACAddress |
DiscoveredNodeListRequestParameters (schema)
Discovered Node list parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cm_local_id | Local Id of the discovered node in the Compute Manager | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| display_name | Display name of discovered node | string | |
| external_id | External id of the discovered node, ex. a mo-ref from VC | string | |
| has_parent | Discovered node has a parent compute collection or is a standalone host | string | Enum: true, false |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| ip_address | IP address of the discovered node | string | |
| node_id | Id of the fabric node created from the discovered node | string | |
| node_type | Discovered Node type like HostNode | string | |
| origin_id | Id of the compute manager from where this node was discovered | string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| parent_compute_collection | External id of the compute collection to which this node belongs | string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DiscoveredNodeListResult (schema)
Discovered Node list result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Discovered Node list results | array of DiscoveredNode | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DiscoveredNodeNetworkInterfaces (schema)
Discovered node network interfaces
All the network interfaces of the discovered node
| Name | Description | Type | Notes |
|---|---|---|---|
| discovered_node_id | Discovered node Id Id of the discovered node |
string | Required |
| network_interfaces | Discovered Node interfaces Network interfaces of the node |
array of DiscoveredNodeInterfaceProperties |
DiscoveredResource (schema)
Base class for resources that are discovered and automatically updated
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| resource_type | The type of this resource. | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DiscoveredResourceAssociation (schema)
Association for discovered resource
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| discovered_resource_type | Type of the discovered resource Type of the discovered resource for which association is being configured. |
string | Required Enum: VirtualMachine, ComputeCollection |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External id of the discovered resource External id of the discovered resource for which association is being configured. |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value DiscoveredResourceAssociation | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DiscoveredResourceAssociationListRequestParameters (schema)
List request parameters for discovered resource associations
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| discovered_resource_external_id | External id of the discovered resource External id of the discovered resource for which association is being queried. |
string | |
| discovered_resource_type | Type of the discovered resource Type of the discovered resource for which association is being queried. |
string | Enum: VirtualMachine, ComputeCollection |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DiscoveredResourceScope (schema)
Scope of discovered resource
| Name | Description | Type | Notes |
|---|---|---|---|
| scope_id | Scope Id of scope for discovered resource Specifies the scope id of discovered resource. |
string | |
| scope_type | Type of scope Type of the scope for the discovered resource. |
string | Enum: CONTAINER_CLUSTER, VPC |
DiscoveredVifListParameters (schema)
Segment list parameters
The parameters to fetch the discovered VIF state.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| host_switch_id | VDS identifier Host switch id. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| segment_id | Segment identifier Segment id. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DiscoveredVifState (schema)
Discovered Vif State
State of VIFs connected to discovered segment on the TransportNode.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_msg | Error message Error encountered during segment port creation for the discovered VIF. |
string | |
| id | VIF Id Id of discovered VIF. |
string | Required |
| segment_path | Path of the discovered segment Segment path related with discovered VIF. |
string | Required |
| segment_port_path | Path of the segment port SegmentPort path related with discovered VIF. |
string | Required |
| state | Discovered VIF State The state of specific discovered VIF. |
string | Enum: PENDING, ATTACHMENT_IN_PROGRESS, ATTACHMENT_SUCCESS, ATTACHMENT_FAILED |
DiscoveredVifStateListResult (schema)
Segment queries result
Array of result of discovered VIF state result.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Discovered Segment Results | array of DiscoveredVifState | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DiscoveryProfileBindingMap (schema)
Base Discovery Profile Binding Map
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DiscoveryProfileBindingMap | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DiskProvisioning (schema)
Disk provisioning type
Disk provisioning type for deploying VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| DiskProvisioning | Disk provisioning type Disk provisioning type for deploying VM. |
string | Required Enum: THIN, LAZY_ZEROED_THICK, EAGER_ZEROED_THICK |
DistributedFirewall (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| alg_handler_drops | alg handler error. | integer | |
| bad_offset_drops | bad-offset. | integer | |
| bad_timestamp_drops | bad-timestamp. | integer | |
| congestion_drops | congestion. | integer | |
| fragment_drops | fragment. | integer | |
| handshake_error_drops | 3wh error. | integer | |
| icmp_err_pkt_drops | icmp errpkt drop. | integer | |
| icmp_error_drops | icmp error. | integer | |
| icmp_flood_overlimit_drops | ICMP flood overlimit. | integer | |
| ignored_offloaded_fpdrops | Ignored offloaded FP. | integer | |
| ignored_offloaded_spdrops | Ignored offloaded SP. | integer | |
| ip_option_drops | ip-option. | integer | |
| l7_alert_drops | L7 alert. | integer | |
| l7_attr_error_drops | L7 attr error. | integer | |
| l7_pending_misc | L7 pending. | integer | |
| lb_reject_drops | LB Reject. | integer | |
| match_drop_rule_rx_drops | Rx pkts dropped by hitting drop/reject rule. | integer | |
| match_drop_rule_tx_drops | Tx pkts dropped by hitting drop/reject rule. | integer | |
| memory_drops | memory. | integer | |
| normalize_drops | normalize. | integer | |
| other_flood_overlimit_drops | OTHER flood overlimit. | integer | |
| pkts_frag_queued_v4_misc | pkts-frag-queued-v4. | integer | |
| pkts_frag_queued_v6_misc | pkts-frag-queued-v6. | integer | |
| proto_cksum_drops | proto-cksum. | integer | |
| rx_ipv4_drop_pkts | Received IPv4 drop packets. | integer | |
| rx_ipv4_reject_pkts | Received IPv4 reject packets. | integer | |
| rx_ipv6_drop_pkts | Received IPv6 drop packets. | integer | |
| rx_ipv6_reject_pkts | Received IPv6 reject packets. | integer | |
| rx_l2_drop_pkts | Received layer 2 drop packets. | integer | |
| seqno_bad_ack_drops | seqno bad ack. | integer | |
| seqno_gt_max_ack_drops | seqno gt maxack. | integer | |
| seqno_lt_minack_drops | seqno lt minack. | integer | |
| seqno_old_ack_drops | seqno old ack. | integer | |
| seqno_old_retrans_drops | seqno old retrans. | integer | |
| seqno_outside_window_drops | seqno outside window. | integer | |
| short_drops | short. | integer | |
| spoof_guard_drops | spoofguard. | integer | |
| src_limit_misc | src-limit. | integer | |
| state_insert_drops | state-insert. | integer | |
| state_limit_drops | state-limit. | integer | |
| state_mismatch_drops | state-mismatch. | integer | |
| strict_no_syn_drops | strict no syn. | integer | |
| syn_expected_drops | SYN Expected. | integer | |
| syn_proxy_drops | synproxy. | integer | |
| tcp_flood_overlimit_drops | TCP flood overlimit. | integer | |
| tx_ipv4_drop_pkts | Sent IPv4 drop packets. | integer | |
| tx_ipv4_reject_pkts | Sent IPv4 reject packets. | integer | |
| tx_ipv6_drop_pkts | Sent IPv6 drop packets. | integer | |
| tx_ipv6_reject_pkts | Sent IPv6 reject packets. | integer | |
| tx_l2_drop_pkts | Sent layer 2 drop packets. | integer | |
| udp_flood_overlimit_drops | UDP flood overlimit. | integer |
DistributedFloodProtectionProfile (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_rst_spoofing | Flag to indicate rst spoofing is enabled If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles. |
boolean | Default: "False" |
| enable_syncache | Flag to indicate syncache is enabled If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles. |
boolean | Default: "False" |
| icmp_active_flow_limit | Active ICMP connections limit If this field is empty, firewall will not set a limit to active ICMP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| other_active_conn_limit | Timeout after first TN If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DistributedFloodProtectionProfile | FloodProtectionProfileResourceType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_half_open_conn_limit | Active half open TCP connections limit If this field is empty, firewall will not set a limit to half open TCP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| udp_active_flow_limit | Active UDP connections limit If this field is empty, firewall will not set a limit to active UDP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DistributedVirtualPortgroup (schema)
Distributed virtual portgroup on a VC
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| backing_type | Backing type for portgroup For distributed virtual portgroup, backing type is standard. For logical switch portgroup, the backing type is set to nsx. |
string | |
| cm_local_id | Id of the portgroup in compute manager Id of the portgroup, eg. a mo-ref from VC. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_id | External id of the virtual portgroup | string | Required Readonly |
| key | Generated UUID of the portgroup | string | |
| origin_type | Portgroup type like DistributedVirtualPortgroup | string | Readonly |
| overall_status | General status of the virtual portgroup This parameters reflects the managed entity status of the portgroup as reported by VC. |
string | Readonly Enum: RED, YELLOW, GREEN, GRAY |
| resource_type | Must be set to the value DistributedVirtualPortgroup | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DistributedVirtualSwitch (schema)
DistributedVirtualSwitch on a VC
| Name | Description | Type | Notes |
|---|---|---|---|
| _last_sync_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cm_local_id | ID of the virtual switch in compute manager | string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| discovered_nodes | Array of discovered nodes connected Array of discovered nodes connected to this switch. |
array of DiscoveredNode | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dpu_failover_policy | Dpu Failover policy for a DVS This specifies the failover policy for a distributed virtual switch from vCenter DVS, specifically related to the Data Processing Unit(DPU). |
DpuFailoverPolicy | Readonly |
| external_id | External id of the virtual switch | string | Required Readonly |
| lacp_group_configs | Array of Link Aggregation Control Protocol (LACP) configuration It contains information about VMware specific multiple dynamic LACP groups. |
array of LacpGroupConfigInfo | |
| network_offload_spec_id | Id of network offload spec Specify the Id of network offload spec. |
string | Readonly |
| origin_id | ID of the compute manager ID of the compute manager where this virtual switch is discovered. |
string | Readonly |
| origin_properties | Key-Value map of additional properties of switch | array of KeyValuePair | Readonly |
| origin_type | Switch type like VmwareDistributedVirtualSwitch | string | Readonly |
| owner_nsx | Specifies owner nsx of the virtual switch Specifies owner nsx of the virtual switch. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when virtual switch owned by that nsx. OTHER applies to whenf virtual switch owned by other nsx. MULTIPLE applies to when virtual switch tried to own by multiple nsx at a time. NONE applies to when virtual switch is not owned by any nsx. |
string | Readonly Enum: SELF, OTHER, MULTIPLE, NONE |
| real_time_config | Real Time Config for a VDS Real time config for VDS which consists of vswitchRT flag and annotations for uplinks. |
RealTimeConfig | Readonly |
| resource_type | Must be set to the value DistributedVirtualSwitch | string | Required |
| scope | List of scopes for discovered resource Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. |
array of DiscoveredResourceScope | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| uplink_port_names | Uplink port names The uniform name of uplink ports on each host. |
array of string | Readonly |
| uplink_portgroup | Uplink portgroup of distributed virtual switch | DistributedVirtualPortgroup | Readonly |
| uuid | UUID of the switch | string | Readonly |
DistributedVirtualSwitchListResult (schema)
Distributed Virtual switch list result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Distributed Virtual switch list | array of DistributedVirtualSwitch | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DnsAnswer (schema) (Deprecated)
Answer of dns nslookup
The response for DNS nslookup.
| Name | Description | Type | Notes |
|---|---|---|---|
| answers | The answers of the query. The answers of the query. |
array of DnsQueryAnswer | Minimum items: 1 Maximum items: 256 |
| authoritative_answers | Authoritative answers Authotitative answers of the query. This is a deprecated property, please use 'answers' instead. |
array of DnsQueryAnswer | Deprecated Minimum items: 1 Maximum items: 256 |
| dns_server | DNS server information Dns server ip address and port, format is "ip address#port". |
string | Required |
| edge_node_id | Edge node id ID of the edge node that performed the query. |
string | Required |
| non_authoritative_answers | Non authoritative answers Non-authotitative answers of the query. This is a deprecated property, please use 'answers' instead. |
array of DnsQueryAnswer | Deprecated Minimum items: 1 Maximum items: 256 |
| raw_answer | Raw message returned from the DNS forwarder It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer. |
string | |
| source_ip | The source ip used in this lookup The source ip used in this lookup. |
IPv4Address | Required |
DnsClientConfig (schema)
Dns configuration
Dns config
| Name | Description | Type | Notes |
|---|---|---|---|
| dns_server_ips | IPs of the DNS servers which need to be configured on the workload VMs
|
array of string |
DnsFailedQueries (schema)
The array of failed DNS queries for active and standby transport node
The array of the failed DNS queries with entry count and timestamp
on active and standby transport node.
| Name | Description | Type | Notes |
|---|---|---|---|
| per_node_failed_queries | The array of failed DNS queries on active and standby transport node The array of failed DNS queries on active and standby transport node. If there is no standby node, the failed queries on standby node will not be present. |
array of PerNodeDnsFailedQueries | Readonly |
| timestamp | Timestamp of the request Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format. |
string | Required Readonly |
DnsFailedQuery (schema)
The failed DNS query
The summary of the failed DNS query. The query result represents a full
query chain from client VM to dns forwarder, and upstream server if no
forwarder cache was hit.
| Name | Description | Type | Notes |
|---|---|---|---|
| address | The adddress be queried The address be queried, can be a FQDN or an ip address. |
string | |
| client_ip | The client host ip address from which the query was issued The client host ip address from which the query was issued. |
string | |
| error_message | The error message of the failed query The detailed error message of the failed query, if any. |
string | |
| error_type | The type of the failure The type of the query failure, e.g. NXDOMAIN, etc. |
string | |
| forwarder_ip | The DNS forwarder ip address to which the query was first received The DNS forwarder ip address to which the query was first received. |
string | |
| record_type | The record type be queried The record type be queried, e.g. A, CNAME, SOA, etc. |
string | |
| source_ip | The source ip address for forwarding query The source ip address that is used to forward a query to an upstream server. |
string | |
| time_spent | Time spent in the query, if applicable The time the query took before it got a failed answer, in ms. |
integer | |
| timestamp | Timestamp of the request Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format. |
string | Required |
| upstream_server_ip | The ip address to which the query was forwarded The upstream server ip address to which the query was forwarded. If the query could not be serviced from the DNS forwarder cache, this property will contain the IP address of the DNS server that serviced the request. If the request was serviced from the cache, this property will be absent. |
string |
DnsFailedQueryRequestParameters (schema) (Deprecated)
The request parameters to get failed DNS queries
To specify how many failed DNS queries will be returned.
| Name | Description | Type | Notes |
|---|---|---|---|
| count | The count of the failed DNS queries How many failed DNS queries should be returned. |
integer | Minimum: 1 Maximum: 1000 Default: "100" |
DnsForwarder (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cache_size | Cache size in KB One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache size can cache ~8 DNS answer entries, and the default 1024 KB cache size can hold ~8k DNS answer entries. |
int | Minimum: 1 Maximum: 16777216 Default: "1024" |
| conditional_forwarders | Conditional zone forwarders The conditional zone forwarders. During matching a zone forwarder, the DNS forwarder will use the conditional fowarder with the longest domain name that matches the query. |
array of ConditionalForwarderZone | Maximum items: 5 |
| default_forwarder | Default zone forwarder The default zone forwarder that catches all other domain names except those matched by conditional forwarder zone. |
ForwarderZone | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Flag to enable/disable the forwarder | boolean | Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| listener_ip | Listener ip address The ip address the DNS forwarder listens on. It can be an ip address already owned by the logical-router uplink port or router-link, or a loopback port ip address. But it can not be a downlink port address. User needs to ensure the address is reachable via router or NAT from both client VMs and upstream servers. User will need to create Firewall rules if needed to allow such traffic on a Tier-1 or Tier-0. |
IPv4Address | Required |
| log_level | Log level of the DNS forwarder | string | Enum: DEBUG, INFO, WARNING, ERROR, FATAL Default: "INFO" |
| logical_router_id | Logical router id Specify the LogicalRouter where the DnsForwarder runs. The HA mode of the hosting LogicalRouter must be Active/Standby. |
string | Required |
| resource_type | Must be set to the value DnsForwarder | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
DnsForwarderListResult (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paginated list of DNS forwarders | array of DnsForwarder | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DnsForwarderStatistics (schema) (Deprecated)
Statistics counters of the DNS forwarder
The current statistics counters of the DNS forwarder including cache usages
and query numbers per forwarders.
| Name | Description | Type | Notes |
|---|---|---|---|
| conditional_forwarder_statistics | The statistics of conditional forwarders | array of PerForwarderStatistics | Readonly Minimum items: 0 Maximum items: 5 |
| configured_cache_size | The configured cache size, in kb | integer | Readonly |
| default_forwarder_statistics | The statistics of default forwarder | PerForwarderStatistics | Readonly |
| error_message | Error message, if available | string | Readonly |
| queries_answered_locally | The totocal number of queries answered from local cache | integer | Readonly |
| queries_forwarded | The total number of forwarded dns queries | integer | Readonly |
| timestamp | Time stamp of the current statistics, in ms | EpochMsTimestamp | Readonly |
| total_queries | The total number of received dns queries | integer | Readonly |
| used_cache_statistics | The statistics of used cache | array of PerNodeUsedCacheStatistics | Readonly Minimum items: 0 Maximum items: 2 |
DnsForwarderStatus (schema) (Deprecated)
The current runtime status of DNS forwarder
The current runtime status of the DNS forwarder including the hosting
transport nodes and forwarder service status.
| Name | Description | Type | Notes |
|---|---|---|---|
| active_node | Uuid of active transport node | string | Readonly |
| extra_message | Extra message, if available | string | Readonly |
| standby_node | Uuid of stand_by transport node. null if non-HA mode | string | Readonly |
| status | UP means the DNS forwarder is working correctly on the active transport
node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The dns forwarder may be working (or not working). NO_BACKUP means dns forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down. |
string | Readonly Enum: UP, DOWN, ERROR, NO_BACKUP |
| timestamp | Time stamp of the current status, in ms | EpochMsTimestamp | Readonly |
DnsHeader (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| address | Domain name/IP to query/response This is used to define what is being asked or responded. |
string | Format: hostname-or-ip |
| address_type | This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA | string | Enum: V4, V6 Default: "V4" |
| message_type | Specifies the message type whether it is a query or a response. | string | Enum: QUERY, RESPONSE Default: "QUERY" |
DnsNameString (schema)
An IA5String instance for DNS Name
DNS name string in the "preferred name syntax", as specified by
Section 3.5 of [RFC1034] and as modified by Section 2.1 of [RFC1123].
| Name | Description | Type | Notes |
|---|---|---|---|
| DnsNameString | An IA5String instance for DNS Name DNS name string in the "preferred name syntax", as specified by Section 3.5 of [RFC1034] and as modified by Section 2.1 of [RFC1123]. |
string | Maximum length: 200 |
DnsQueryAnswer (schema) (Deprecated)
Answer of nslookup
| Name | Description | Type | Notes |
|---|---|---|---|
| address | Matched ip address Can be resolved ip address. |
string | |
| name | Matched name Matched name of the given address. |
string | |
| raw_string | Unparsed answer string Unparsed answer string from raw_answer. |
string |
DnsSecurityProfile (schema)
DNS security profile
Used to configure DNS security profile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DnsSecurityProfile | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| ttl | Time to live for DNS cache entry Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet. User defined TTL value is used only when it is betweeen 3600 to 864000. |
integer | Minimum: 0 Maximum: 864000 Default: "86400" |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DnsSecurityProfileBindingMap (schema)
Binding Map for DNS Security Profile
This entity will be used to establish association between DNS security profile and
Group. With this entity, user can specify intent for applying DNS security profile
profile to particular Group.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profile_path | Profile Path PolicyPath of associated Profile |
string | Required |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DnsSecurityProfileBindingMap | string | |
| sequence_number | Sequence number DNS Security Profile Binding Map Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000. |
integer | Minimum: 1 Maximum: 100000 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DnsSecurityProfileBindingMapListRequestParameters (schema)
DNS Security Profile Binding Map List Request Parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DnsSecurityProfileBindingMapListResult (schema)
Paged collection of DNS Security Profile Binding Map
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | DNS Security Profile Binding Map List Results | array of DnsSecurityProfileBindingMap | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DnsSecurityProfileListResult (schema)
Paged Collection of DnsSecurityProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | DnsSecurityProfile list results | array of DnsSecurityProfile | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DnsTtlConfig (schema)
DNS TTL config
Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.
| Name | Description | Type | Notes |
|---|---|---|---|
| dns_ttl_type | TTL type. TTL type to decide how to manage ttl. |
string | Required Enum: USE_TTL, AUTO, NEVER_EXPIRE |
| ttl | DNS server TTL The number of seconds that snooped DNS responses are retained in the cache. Used only when dns_ttl_type is USE_TTL. |
integer | Minimum: 3600 Maximum: 864000 Default: "86400" |
Domain (schema)
Domain
Domain.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildCommunicationMap ChildDomainDeploymentMap ChildEndpointPolicy ChildForwardingPolicy ChildGatewayPolicy ChildGroup ChildIdsGatewayPolicy ChildIdsSecurityPolicy ChildRedirectionPolicy ChildSecurityPolicy |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value Domain | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DomainDeploymentMap (schema)
Domain Deployment Map
Binding of domain to the enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enforcement_point_path | Absolute path of enforcement point Path of enforcement point on which domain shall be enforced. |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value DomainDeploymentMap | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
DomainDeploymentMapListRequestParameters (schema)
Domain Deployment Map List Request Parameters
Domain Deployment Map list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DomainDeploymentMapListResult (schema)
Paged Collection of Domain Deployment Map
Paged collection of Domain Deployment Map.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Domain Deployment Map List Result Domain Deployment Map list result. |
array of DomainDeploymentMap | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DomainListRequestParameters (schema)
Domain list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
DomainListResult (schema)
Paged Collection of Domains
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Domain list results | array of Domain | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DonutConfiguration (schema)
Donut Configuration
Represents configuration of a Donut
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| count | Expression to retrieve count to be shown on Donut Expression to retrieve count to be shown on Donut. |
string | |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_count | Show or hide the count of entities If true, displays the count of entities in the donut |
boolean | Default: "True" |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| label | Label of the Donut Configuration Displayed at the middle of the donut, by default. It labels the entities of donut. |
Label | |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. |
string | Maximum length: 1024 |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value DonutConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| sections | Sections | array of DonutSection | Required Minimum items: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
DonutPart (schema)
Portion of a donut or stats chart
Represents an entity or portion to be plotted on a donut or stats chart.
| Name | Description | Type | Notes |
|---|---|---|---|
| condition | Expression for evaluating condition If the condition is met then the part will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. |
string | |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | |
| field | Value of the portion or entity of donut or stats chart A numerical value that represents the portion or entity of the donut or stats chart. |
string | Required Maximum length: 1024 |
| hide_empty_legend | Hide the legend if the data for the part is not available If true, legend will be shown only if the data for the part is available. This is applicable only if legends are specified in widget configuration. |
boolean | Default: "False" |
| label | Label of the portion or entity of donut or stats chart If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template. |
Label | |
| navigation | Navigation to a specified UI page Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used. |
string | |
| render_configuration | Render Configuration Additional rendering or conditional evaluation of the field values to be performed, if any. |
array of RenderConfiguration | Minimum items: 0 |
| tooltip | Multi-line tooltip Multi-line text to be shown on tooltip while hovering over the portion. |
array of Tooltip | Minimum items: 0 |
DonutSection (schema)
Section of a donut or stats chart
Represents high level logical grouping of portions or segments of a donut / stats chart.
| Name | Description | Type | Notes |
|---|---|---|---|
| parts | Parts of a donut / stats chart Array of portions or parts of the donut or stats chart. |
array of DonutPart | Required Minimum items: 1 |
| row_list_field | Field from which parts of the donut or stats chart are formed Field of the root of the api result set for forming parts. |
string | Maximum length: 1024 |
| template | Template, if any, for automatically forming the donut or stats parts If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'. |
boolean | Default: "False" |
DpuFailoverPolicy (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_uplinks | Active uplinks Array of configured active uplinks on DVS for DPU failover policy. |
array of string | Readonly |
| standby_uplinks | Standby uplinks Array of configured standby uplinks on DVS for DPU failover policy. |
array of string | Readonly |
DpuInfo (schema)
DPU information for a Host Transport node
Details of data processing unit (DPU) present on a ESXi Host.
| Name | Description | Type | Notes |
|---|---|---|---|
| dpu_id | Id of DPU Specifies Id of DPU. |
string | Required Readonly |
| firmware_version | Firmware version of DPU Specifies the firmware version of DPU. |
string | Readonly |
| is_primary | Primary flag of DPU Specifies whether this is considered the primary DPU in the host. |
boolean | Readonly |
| model | Model of the DPU Specifies the model of DPU. |
string | Readonly |
| os_version | Operating system version of DPU Specifies the operating system version of DPU. |
string | Readonly |
| state | State of DPU Specifies state of DPU. |
string | Readonly Enum: UNAVAILABLE, UNMANAGED, UNUSED, MANAGED, INVALID |
| vendor | Vendor of DPU Specifies the vendor of DPU. |
string | Readonly |
DpuStatusProperties (schema)
Data processing unit status properties
| Name | Description | Type | Notes |
|---|---|---|---|
| cpu_cores | CPU core count The number of CPU cores on the system. |
integer | Readonly |
| dpu_alias | Data processing unit alias DPU alias |
string | Readonly |
| dpu_id | Data processing unit ID | string | Readonly |
| load_average | System load average One, five, and fifteen minute load averages for the system. |
array of number | Readonly |
| mem_cache | Cached RAM size in kilobytes Amount of RAM on the system that can be flushed out to disk, in kilobytes. |
integer | Readonly |
| mem_total | Total RAM size in kilobytes System Amount of RAM allocated to the system, in kilobytes. |
integer | Readonly |
| mem_used | Used RAM size in kilobytes Amount of RAM in use on the system, in kilobytes. |
integer | Readonly |
DriverConfig (schema)
These are driver specific configuration options.
| Name | Description | Type | Notes |
|---|---|---|---|
| driver_info | This is physical nic driver version. | array of string | |
| high_performance_config_params | List of parameters that could be used to configure high performance. | array of HighPerformanceConfigParams | |
| high_performance_config_type | Must be set to the value DriverConfig | string | Required Enum: ADV_CONFIG, DRIVER_CONFIG, MISC_CONFIG |
| version | Based on the high_performance_config_type, it could be either driver version or host version. For high_performance_config_type as ADV_CONFIG or MISC_CONFIG, this represents host version. For high_performance_config_type as DRIVER_CONFIG, this represents physical NIC driver version. | array of string |
DropdownFilterPlotConfiguration (schema)
Dropdown Filtert plotting configuration
Dropdown Filter plotting configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| allow_maximize | Allow maximize capability for this widget Allow maximize capability for this widget |
boolean | |
| allow_search | Allow search on drop down filter Allow search on drop down filter. |
boolean | Default: "False" |
| condition | Expression for evaluating condition for this chart config If the condition is met then the given chart config is applied to the widget configuration. |
string | Maximum length: 1024 |
DropdownFilterWidgetConfiguration (schema)
Dropdown Filter widget Configuration
Represents configuration for dropdown filter widget.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alias | Alias to be used when emitting filter value Alias to be used when emitting filter value. |
string | |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| default_value | Expression to specify default value Expression to specify default value of filter. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| dropdown_filter_plot_config | Dropdown filter plotting configuration Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only. |
DropdownFilterPlotConfiguration | |
| dropdown_item | Definition for item of a dropdown Defines the item of a dropdown. |
DropdownItem | |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| placeholder_msg | Placeholder message to be shown in filter Placeholder message to be displayed in dropdown filter. |
string | |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value DropdownFilterWidgetConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| static_filter_condition | Expression for evaluating condition If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally. |
string | |
| static_filters | Additional static items to be added in dropdown filter Additional static items to be added in dropdown filter. Example can be 'ALL'. |
array of StaticFilter | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
DropdownItem (schema)
Dropdown item definition
| Name | Description | Type | Notes |
|---|---|---|---|
| additional_value | An additional value for item to be display in dropdown. An additional key-value pair for item to be display in dropdown. |
object | |
| display_name | Display name for item to be displayed in dropdown expression to extract display name to be shown in the drop down. |
string | Maximum length: 1024 |
| field | Expression for dropdown items of filter An expression that represents the items of the dropdown filter. |
string | Required |
| short_display_name | A property value to be shown once value is selected for a filter. Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used. |
string | Maximum length: 1024 |
| value | Value for item to be displayed in dropdown Value of filter inside dropdown filter. |
string | Required |
Dscp (schema) (Deprecated)
One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer
Dscp value is ignored in case of 'TRUSTED' DscpMode.
| Name | Description | Type | Notes |
|---|---|---|---|
| mode | DscpMode | ||
| priority | Internal Forwarding Priority | int | Minimum: 0 Maximum: 63 Default: "0" |
DscpBit (schema)
Dscp bit config
To define the Dscp bit in Global In-band network telemetry configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| dscp_bit | DSCP bit for indicating the existence of INT header. A DSCP bit is allocated to indicate the existence of INT header. It takes effect only when the INT indicator mode is DSCP_BIT. The user should guarantee that the given DSCP bit is specifically allocated for INT. |
int | Required Minimum: 0 Maximum: 5 |
| indicator_type | Must be set to the value DscpBit | string | Required Enum: DSCP_BIT, DSCP_VALUE |
DscpIndicator (schema)
Abstract base type for Global In-band network telemetry configuration
The DscpIndicator is the base class for global In-band network telemetry
configurations for different types in a NSX domain.
This is an abstract type. Concrete child types:
DscpBit
DscpValue
| Name | Description | Type | Notes |
|---|---|---|---|
| indicator_type | The method for indicating the existence of INT header. | string | Required Enum: DSCP_BIT, DSCP_VALUE |
DscpMode (schema) (Deprecated)
Trust settings
| Name | Description | Type | Notes |
|---|---|---|---|
| DscpMode | Trust settings | string | Deprecated Enum: TRUSTED, UNTRUSTED Default: "TRUSTED" |
DscpTrustMode (schema)
Trust settings
When you select the Trusted mode the inner header DSCP value is applied
to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic,
the outer IP header takes the default value.Untrusted mode is supported
on overlay-based and VLAN-based logical port.
| Name | Description | Type | Notes |
|---|---|---|---|
| DscpTrustMode | Trust settings When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port. |
string | Enum: TRUSTED, UNTRUSTED Default: "TRUSTED" |
DscpValue (schema)
Dscp bit config
To define the Dscp value in Global In-band network telemetry configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| dscp_value | DSCP value for indicating the existence of INT header. A DSCP value is allocated to indicate the existence of INT header. It takes effects only when the INT indicator mode is DSCP_VALUE. The user should guarantee that the given DSCP value is specifically allocated for INT. |
int | Required Minimum: 1 Maximum: 63 |
| indicator_type | Must be set to the value DscpValue | string | Required Enum: DSCP_BIT, DSCP_VALUE |
DuplicateAddressBindingEntry (schema) (Deprecated)
Duplicate address binding information
| Name | Description | Type | Notes |
|---|---|---|---|
| binding | Combination of IP-MAC-VLAN binding | PacketAddressClassifier | |
| binding_timestamp | Timestamp of binding Timestamp at which the binding was discovered via snooping or manually specified by the user |
EpochMsTimestamp | |
| conflicting_port | ID of logical port with the same address binding Provides the ID of the port on which the same address bidning exists |
string | |
| source | Address binding source Source from which the address binding entry was obtained |
AddressBindingSource | Default: "UNKNOWN" |
DuplicateIPDetection (schema) (Deprecated)
Duplicate IP detection and control
| Name | Description | Type | Notes |
|---|---|---|---|
| duplicate_ip_detection_enabled | Indicates whether duplicate IP detection should be enabled | boolean | Default: "False" |
DuplicateIPDetectionOptions (schema)
Controls duplicate IP detection options
Contains dupliacte IP detection related discovery options.
| Name | Description | Type | Notes |
|---|---|---|---|
| duplicate_ip_detection_enabled | Duplicate IP detection Indicates whether duplicate IP detection should be enabled |
boolean | Default: "False" |
Dvpg (schema)
DVPG details
DVPG details.
| Name | Description | Type | Notes |
|---|---|---|---|
| data_center_id | Datacenter ID Datacenter ID. |
string | Readonly |
| data_center_name | Datacenter name Datacenter name. |
string | Readonly |
| id | DVPG ID DVPG ID. |
string | Required Readonly |
| name | DVPG name DVPG name. |
string | Readonly |
| vds_id | VDS ID VDS ID. |
string | Readonly |
| vds_name | VDS name VDS name. |
string | Readonly |
| vlan_id | VLAN ID A single vlan ID or comma separated vlan ranges. Example - "200" or "1-100,201-300" |
string | Readonly |
| vm_count | Number of vm's Number of vm's that belong to dvpg. |
int | Readonly |
DvpgAggregateInfo (schema)
DVPG aggregate info
DVPG aggregate info.
| Name | Description | Type | Notes |
|---|---|---|---|
| assessment_result | Assessment result for the resource Assessment result for the resource. |
ColorCode | Readonly |
| dvpg | DVPG details DVPG details |
Dvpg | Readonly |
| migration_status | DVPG migration status DVPG migration status. |
DvpgMigrationStatus | Readonly |
DvpgAggregateInfoListRequestParameters (schema)
DVPG aggregate info list request parameters
DVPG aggregate info list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| assessment_result | Assessment result for the resource Assessment result for the resource. |
ColorCode | |
| data_center_id | Datacenter ID Datacenter ID. |
string | |
| data_center_name | Datacenter name Datacenter name. |
string | |
| dvpg_id | DVPG ID DVPG ID. |
string | |
| dvpg_name | DVPG name DVPG name. |
string | |
| migration_status | DVPG migration status DVPG migration status. |
DvpgMigrationStatus | |
| vds_id | VDS ID VDS ID. |
string | |
| vds_name | VDS name VDS name. |
string | |
| vlan_id | VLAN ID VLAN ID. |
string |
DvpgAggregateInfoListResult (schema)
List of DVPG aggregate info
List of DVPG aggregate info.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged collection of DVPG aggregate info Paged collection of DVPG aggregate info. |
array of DvpgAggregateInfo | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DvpgAndSegmentWorkflowResource (schema)
DVPG and segment workflow resource
DVPG and segment workflow resource.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_id | DVPG ID DVPG ID. |
string | Required |
| segment_path | Segment path Segment path. |
string | Required |
| type | Must be set to the value DvpgAndSegmentWorkflowResource | WorkflowResourceType | Required |
DvpgAndSubnetMigrationUnit (schema)
DVPG and subnet migration unit
DVPG and subnet migration unit.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_and_subnet_to_segment_migration_info_list | Collection of DVPG and subnet migration to segment migration info Collection of DVPG and subnet migration to segment migration info. |
array of DvpgAndSubnetToSegmentMigrationInfo | Readonly |
| ip_subnets | A VnicIpSubnets shared by vNICs connected to a DVPG A VnicIpSubnets shared by vNICs connected to a DVPG. |
VnicIpSubnets | Readonly |
| migration_status | DVPG and subnet unit migration status DVPG and subnet unit migration status. |
DvpgAndSubnetMigrationUnitStatus | Readonly |
| vm_count | Number of VMs connected to a DVPG in the subnets Number of VMs connected to a DVPG in the subnets specified by the the property "subnets". |
int | Readonly |
DvpgAndSubnetMigrationUnitStatus (schema)
DVPG and subnet migration unit status
DVPG and subnet migration unit status.
| Name | Description | Type | Notes |
|---|---|---|---|
| DvpgAndSubnetMigrationUnitStatus | DVPG and subnet migration unit status DVPG and subnet migration unit status. |
string | Enum: NOT_STARTED, IN_PROGRESS, COMPLETED |
DvpgAndSubnetToSegmentMigrationInfo (schema)
DVPG and subnet to segment migration info
DVPG and subnet to segment migration info.
| Name | Description | Type | Notes |
|---|---|---|---|
| migration_status | DVPG and subnet to segment migration status DVPG and subnet to segment migration status. |
DvpgAndSubnetToSegmentMigrationStatus | Readonly |
| segment_path | Segment path Segment path. |
string | Required Readonly |
DvpgAndSubnetToSegmentMigrationStatus (schema)
DVPG and subnet to segment migration status
DVPG and subnet to segment migration status.
| Name | Description | Type | Notes |
|---|---|---|---|
| DvpgAndSubnetToSegmentMigrationStatus | DVPG and subnet to segment migration status DVPG and subnet to segment migration status. |
string | Enum: NOT_STARTED, IN_PROGRESS, COMPLETED |
DvpgIdAndSegmentPathPair (schema)
DVPG ID and Segment path pair
DVPG ID and Segment path pair.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_id | DVPG ID DVPG ID. |
string | Required |
| segment_path | Segment path Segment path. |
string | Required |
DvpgListRequestParameters (schema)
DVPG list request parameters
DVPG list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| data_center_id | Datacenter ID Datacenter ID. |
string | |
| data_center_name | Datacenter name Datacenter name. |
string | |
| dvpg_id | DVPG ID DVPG ID. |
string | |
| dvpg_name | DVPG name DVPG name. |
string | |
| vds_id | VDS ID VDS ID. |
string | |
| vds_name | VDS name VDS name. |
string | |
| vlan_id | VLAN ID VLAN ID. |
string |
DvpgListResult (schema)
List of DVPGs
List of DVPGs.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged collection of DVPGs Paged collection of DVPGs. |
array of Dvpg | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
DvpgMappingInfo (schema)
DVPG mapping info
Mapping info for a DVPG to which an overlay segment has been bridged.
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Bridge profile path Policy path of the L2 bridge profile that has been used for bridging the segment and DVPG |
string | Required Readonly |
| bridging_mode | Bridging mode Bridging mode. |
BridgingMode | Required Readonly |
| dvpg_id | DVPG ID DVPG ID to which the overlay segment has been bridged. |
string | Required Readonly |
| dvpg_name | DVPG name DVPG name. |
string | Required Readonly |
| ipv4_subnet | IPv4 subnet of some/all vNICs connected to the DVPG IPv4 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed. |
string | Readonly |
| ipv6_subnet | IPv6 subnet of some/all vNICs connected to the DVPG IPv6 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed. |
string | Readonly |
| vlan_id | VLAN ID VLAN ID of the DVPG that has been bridged to overlay segment. |
string | Required Readonly |
DvpgMigrationInfo (schema)
DVPG migration info
Detailed DVPG migration info.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_and_subnet_migration_units | Collection of DVPG and subnet migration units Collection of DVPG and subnet migration units. |
array of DvpgAndSubnetMigrationUnit | Readonly |
| dvpg_id | DVPG ID DVPG ID. |
string | Required Readonly |
DvpgMigrationInfoRequestParameters (schema)
DVPG migration info request parameters
DVPG migration info request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_id | DVPG ID DVPG ID. |
string | Required |
DvpgMigrationStatus (schema)
DVPG migration status
DVPG migration status.
| Name | Description | Type | Notes |
|---|---|---|---|
| DvpgMigrationStatus | DVPG migration status DVPG migration status. |
string | Enum: NOT_STARTED, IN_PROGRESS, COMPLETED |
DvpgWorkflowResource (schema)
DVPG workflow resource
DVPG workflow resource.
| Name | Description | Type | Notes |
|---|---|---|---|
| dvpg_id | DVPG Id DVPG Id. |
string | Required |
| type | Must be set to the value DvpgWorkflowResource | WorkflowResourceType | Required |
DynamicContentFilterQueryParameter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| scope | Restrict scope of dynamic content filters to report | string | Enum: NAPP |
DynamicContentFilterValue (schema)
Support bundle dynamic content filter allowed values, for example, NAPP:SERVICE:PLATFORM_SERVICES
| Name | Description | Type | Notes |
|---|---|---|---|
| DynamicContentFilterValue | Support bundle dynamic content filter allowed values, for example, NAPP:SERVICE:PLATFORM_SERVICES | string |
DynamicContentFilters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dynamic_content_filters | Support bundle content filter allowed values These filter values will be set by the remote node like the NSX Intelligence Platform for instance. We would not need to know or act on these dynamic content filters, except for passing them on as request parameters along with the support bundle collection API. |
array of DynamicContentFilterValue |
DynamicPluginFileProperties (schema)
Plugin file properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| file_name | File name | string | Required |
| plugin_path | Plugin id | string | Required |
| status | Upload status | string | Required Enum: SUCCESS, FAILURE |
EPActionForDnsForwarderRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| action | An action to be performed for DNS forwarder on EP The valid DNS forwarder actions to be performed on EP are, - clear_cache: Clear the current cache of the dns forwarder from specified enforcement point. |
string | Required Enum: clear_cache |
| enforcement_point_path | An enforcement point path, on which the action is to be performed An enforcement point path, on which the action is to be performed. If not specified, default enforcement point path, /infra/sites/default/enforcement-points/default will be considered. |
string | Default: "/infra/sites/default/enforcement-points/default" |
EULAAcceptance (schema)
EULA acceptance status
Indicate the status of End User License Agreement acceptance
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| acceptance | End User License Agreement acceptance status Acceptance status of End User License Agreement |
boolean | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value EULAAcceptance | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EULAContent (schema)
EULA content
End User License Agreement content
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| content | End User License Agreement content Content of End User License Agreement |
secure_string | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value EULAContent | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EULAOutputFormatRequestParameters (schema)
Indicate output format of End User License Agreement content
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| value_format | End User License Agreement content output format | string |
EdgeCluster (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| allocation_rules | Allocation rules for auto placement Set of allocation rules and respected action for auto placement of logical router, DHCP and MDProxy on edge cluster members. |
array of AllocationRule | |
| cluster_profile_bindings | Edge cluster profile bindings | array of ClusterProfileTypeIdEntry | |
| deployment_type | Edge cluster deployment type This field is a readonly field which shows the deployment_type of members. It returns UNKNOWN if there are no members, and returns VIRTUAL_MACHINE| PHYSICAL_MACHINE if all edge members are VIRTUAL_MACHINE|PHYSICAL_MACHINE. It returns HYBRID if the cluster contains edge members of both types VIRTUAL_MACHINE and PHYSICAL_MACHINE. |
EdgeDeploymentType | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_inter_site_forwarding | Flag to enable inter site forwarding Flag should be only use in federation for inter site l2 and l3 forwarding. Before enabling this flag, all the edge cluster members must have remote tunnel endpoint configured. TIER0/TIER1 logical routers managed by GM must be associated with edge cluster which has inter-site forwarding enabled. |
boolean | Readonly |
| id | Unique identifier of this resource | string | Sortable |
| member_node_type | Node type of the cluster members Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes. |
EdgeClusterNodeType | Readonly |
| members | Edge cluster members EdgeCluster only supports homogeneous members. These member should be backed by either EdgeNode or PublicCloudGatewayNode. TransportNode type of these nodes should be the same. DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is recommended to be the same. EdgeCluster supports members of different deployment types. |
array of EdgeClusterMember | |
| node_rtep_ips | Remote tunnel endpoint ip address. List of remote tunnel endpoint ipaddress configured on edge cluster for each transport node. |
array of NodeRtepIpsConfig | Readonly |
| resource_type | Must be set to the value EdgeCluster | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EdgeClusterAllocationStatus (schema)
Allocationd details of edge cluster
Allocation details of cluster and its members. Contains information of the
edge nodes present in cluster, active and standby services of each node,
utilization details of configured sub-pools. These allocation details can
be monitored by customers to trigger migration of certain service contexts
to different edge nodes, to balance the utilization of edge node resources.
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Display name of the edge cluster | string | Readonly |
| id | Unique identifier of edge cluster System allotted UUID of edge cluster. |
string | Readonly |
| member_count | Count of edge nodes present in the cluster Represents the number of edge nodes in the cluster. |
int | Readonly |
| members | Allocation Status of edge nodes Allocation details of edge nodes present in the cluster. |
array of EdgeMemberAllocationStatus | Readonly |
EdgeClusterInterSiteStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| edge_cluster_id | Edge cluster id Id of the edge cluster whose status is being reported. |
string | Required Readonly |
| edge_cluster_name | Edge cluster name Name of the edge cluster whose status is being reported. |
string | Readonly |
| last_update_timestamp | Last updated timestamp Timestamp when the edge cluster inter-site status was last updated. |
EpochMsTimestamp | Required Readonly |
| member_status | Per edge node inter-site status Per edge node inter-site status. |
array of EdgeClusterMemberInterSiteStatus | Readonly |
| overall_status | Overall IBGP status in the edge cluster Overall status of all edge nodes IBGP status in the edge cluster. |
string | Readonly Enum: UP, DOWN, DEGRADED, UNKNOWN, CONFIGURED |
EdgeClusterListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Edge cluster list results | array of EdgeCluster | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EdgeClusterMember (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| description | description of edge cluster member description of edge cluster member |
string | |
| display_name | display name of edge cluster member display name of edge cluster member |
string | |
| member_index | System generated index for cluster member System generated index for cluster member |
int | Readonly |
| transport_node_id | UUID of edge transport node Identifier of the transport node backed by an Edge node |
string | Required |
EdgeClusterMemberAllocationPool (schema)
This is an abstract type. Concrete child types:
LoadBalancerAllocationPool
| Name | Description | Type | Notes |
|---|---|---|---|
| allocation_pool_type | AllocationPoolType | Required |
EdgeClusterMemberAllocationProfile (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocation_pool | Edge Cluster Member Allocation Pool for logical router Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router. |
EdgeClusterMemberAllocationPool (Abstract type: pass one of the following concrete types) LoadBalancerAllocationPool |
|
| allocation_type | Resource allocation type Allocation type is used to specify the mode used to allocate the LR. This is populated only for TIER1 logical router and for TIER0 this will be null. |
string | Readonly Enum: MANUAL, AUTO |
| enable_standby_relocation | Flag to enable standby service router relocation Flag to enable the auto-relocation of standby service router running on edge cluster and node associated with the logical router. Only dynamically allocated tier1 logical routers are considered for the relocation. |
boolean | Default: "False" |
EdgeClusterMemberIndex (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| member_index | Index for cluster member Index for cluster member |
int | Required |
EdgeClusterMemberInterSiteStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| established_bgp_sessions | Established inter-site IBGP sessions Total number of current established inter-site IBGP sessions. |
integer | Readonly |
| neighbor_status | BGP neighbor status Inter-site BGP neighbor status. |
array of BgpNeighborStatusLiteDto | Readonly |
| status | Edge node IBGP status Edge node IBGP status |
string | Readonly Enum: UP, DOWN, DEGRADED, UNKNOWN |
| total_bgp_sessions | Total inter-site IBGP sessions Total number of inter-site IBGP sessions. |
integer | Readonly |
| transport_node | Transport node Edge node details from where the status is being retrived. |
ResourceReference | Required Readonly |
EdgeClusterMemberStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Status of an edge node | string | Required Enum: UP, DOWN, ADMIN_DOWN, PARTIALLY_DISCONNECTED, UNKNOWN |
| transport_node | UUID of edge transport node Transport node backed by an Edge node. |
ResourceReference | Required |
EdgeClusterMemberTransportNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| member_index | System generated index for cluster member System generated index for cluster member |
int | Required |
| transport_node_id | UUID of edge transport node Identifier of the transport node backed by an Edge node |
string | Required |
EdgeClusterNodeType (schema)
Supported edge cluster node type.
| Name | Description | Type | Notes |
|---|---|---|---|
| EdgeClusterNodeType | Supported edge cluster node type. | string | Enum: EDGE_NODE, PUBLIC_CLOUD_GATEWAY_NODE, UNKNOWN |
EdgeClusterState (schema)
Realization State of Edge Cluster.
This holds the state of Edge Cluster. If there are errors in
realizing EC outside of MP, it gives details of the components and
specific errors.
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| pending_change_list | List of pending changes Request identifier of the API which modified the entity. |
array of string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
EdgeClusterStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| edge_cluster_id | Edge cluster id Id of the edge cluster whose status is being reported |
string | Required |
| edge_cluster_status | Status of an edge node | string | Required Enum: UP, DOWN, DEGRADED, UNKNOWN |
| last_update_timestamp | Last updated timestamp Timestamp when the cluster status was last updated |
EpochMsTimestamp | Required Readonly |
| member_status | Per Edge Node Status | array of EdgeClusterMemberStatus | Readonly |
EdgeConfigDiagnosis (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| failed | Failed Config | FailedOrWarningConfig | Required |
| passed | Passed Config | array of ConfigType | Required |
| warning | Config Warning | FailedOrWarningConfig | Required |
EdgeConfigurationState (schema)
Configuration State for Edge and VPN entities.
This contains fields that captures state of Trackable entities.
Edge and VPN state entities extend this object.
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| pending_change_list | List of pending changes Request identifier of the API which modified the entity. |
array of string | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
EdgeDataplaneCpuStats (schema)
Edge dataplane CPU stats
Provides the dataplane CPU statistics per CPU core for a given edge transport
node. It includes the following information:
- Core ID.
- CPU type.
- Number of packets sent and received per second on the core for the last 100ms.
- Number of packets received per second from the crypto module, the KNI interface,
the slowpath threads and the other cores within the last 100ms.
- Statistics of the mega flow cache which holds flow cache key and the corresponding
flow cache actions for all the entries. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Statistics of the micro flow cache which holds a hash of the entire flow cache key
and a pointer to the mega flow cache entry. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Percentage of live CPU utilization of the core sampled within the last 60 seconds.
- Percentage of CPU utilization of the core for actual packet processing for the last
100ms.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cores | Statistics of all CPU cores Provides the per-core CPU statistics of an edge transport node for the last 100ms. It includes the number of packets sent and received per second; the number of packets received from the crypto module, the other cores, the Kernel Network interface (KNI), and the slowpath threads per second and the CPU packet processing usage. It also provides the live CPU usage of the core sampled within the last 60 seconds. It includes the flow cache statistics since the time the edge dataplane is UP. The flow cache statistics will be reset on edge reboot or edge dataplane restart. |
array of CpuStats | Maximum items: 64 |
| datapath_cores_mode | Datapath core mode Mode of how the datapath cores get the packets from driver |
string | Readonly |
EdgeDataplaneCtrlPrioSetting (schema)
Information about Edge Dataplane control packet prioritization setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| ctrl_prio_enabled | Control packet prioritization setting | boolean |
EdgeDataplaneFlow (schema)
Edge dataplane flow record
| Name | Description | Type | Notes |
|---|---|---|---|
| dst_ip | Destination IP Destination IP of the flow |
string | |
| dst_port | Destination port Destination port of the flow |
integer | |
| proto | Protocol Protocol of the flow |
integer | |
| src_ip | Source IP Source IP of the flow |
string | |
| src_port | Source port Source port of the flow |
integer | |
| tunnel_dst_ip | Tunnel destination IP Tunnel destination IP of the flow |
string | |
| tunnel_src_ip | Tunnel source IP Tunnel source IP of the flow |
string |
EdgeDataplaneFlowCacheSetting (schema)
Information about Edge Dataplane Flow Cache mode.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| flow_cache_enabled | Flow cache setting | boolean |
EdgeDataplaneFlowMonitorMessage (schema)
Edge dataplane flow monitor message
| Name | Description | Type | Notes |
|---|---|---|---|
| message | Message Edge dataplane flow monitor message |
string |
EdgeDataplaneFlowMonitorStartSetting (schema)
Information about Edge Dataplane flow monitor start setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| core_id | Core id Flow monitor core id |
string | |
| timeout | Timeout for flow monitor in seconds, in the range of 1 - 600. Flow monitor timeout in seconds |
string | Default: "15" |
EdgeDataplaneFlowQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| top_10 | Collect top 10 flows when set to true Collect top 10 flows when set to true, else collect all flows. |
boolean | Default: "False" |
EdgeDataplaneFwContexts (schema)
Information about Edge Dataplane firewall contexts
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| results | Firewall Context Firewall context |
array of FwContexts | Maximum items: 4096 |
EdgeDataplaneGeneveCbitSetting (schema)
Information about Edge Dataplane geneve cbit setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| geneve_cbit_set | geneve critical bit setting | boolean |
EdgeDataplaneIntrModeSetting (schema)
Information about Edge Dataplane interrupt mode setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| intr_mode_enabled | interrupt mode setting | boolean |
EdgeDataplaneL2vpnPmtuSetting (schema)
Information about Edge Dataplane l2vpn pmtu message generation setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| l2vpn_pmtu_enabled | l2vpn pmtu setting | boolean |
EdgeDataplanePmtuLearningSetting (schema)
Information about Edge Dataplane pmtu learning setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| pmtu_learning_enabled | l3vpn pmtu setting | boolean |
EdgeDataplaneQatAdminSetting (schema)
Information about Edge Dataplane QAT feature enabled setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| qat_admin_enabled | QAT feature enabled setting | boolean |
EdgeDataplaneQatAdminSettingResponse (schema)
Information about Edge Dataplane QAT feature enabled setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| update_message | Datapath QAT enable CLI message Message to display after setting QAT feature |
string | Readonly |
EdgeDataplaneQatStatus (schema)
Information about Edge Dataplane QAT status
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| admin_status | QAT enabled QAT device enabled |
boolean | Readonly |
| device_present | QAT present QAT device present |
boolean | Readonly |
| fips_compliant | FIPS compliance FIPS compliance of QAT feature |
boolean | Readonly |
| is_vm | VM deployment Edge is deployed in VM |
boolean | Readonly |
| operational_status | QAT running QAT device currently running |
boolean | Readonly |
EdgeDataplaneQueueNumPerPortPerCoreSetting (schema)
Rx and Tx queue number
Provides information about the number of receive(Rx) and transmit(Tx) queue per port
per core on the edge transport node.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| queue_num_per_port_per_core | Queue number per port per core The total number of receive(Rx) and transmit(Tx) queues that edge dataplane allocates per port per core. |
integer | Minimum: 1 Maximum: 16 |
EdgeDataplaneRingSize (schema)
Edge dataplane ring size
Provides information about the receive(Rx) and transmit(Tx) ring buffer size of
the edge dataplane. These buffers store the incoming and outgoing packets on the
edge NIC respectively.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| rx_ring_size | Rx ring size The size of the ring buffer which stores the incoming packets on the edge NIC before they are processed. |
integer | |
| tx_ring_size | Tx ring size The size of the ring buffer which stores the packets to be sent out from the edge NIC. |
integer |
EdgeDataplaneRingSizeSetting (schema)
Information about Edge physical port ring size setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| ring_size | ring size | integer |
EdgeDataplaneTopKFlowQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| core_id | CPU core on which the flows are to be monitored CPU core on which the flows are to be monitored |
integer | Minimum: 0 Maximum: 128 |
| fields | Fields to include in query results Comma-separated field names to include in query result |
string | |
| timeout | Timeout for flow monitor in seconds Timeout for flow monitor in seconds |
integer | Minimum: 1 Maximum: 120 Default: "30" |
EdgeDataplaneTopKFlows (schema)
Edge dataplane top-k flow dump
| Name | Description | Type | Notes |
|---|---|---|---|
| flow_count | Count of flow records Count of flow records in the result |
integer | |
| flows | Array of flow records Array of flow records |
array of EdgeDataplaneFlow |
EdgeDataplaneUptModeSetting (schema)
Information about Edge Dataplane UPT mode setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| upt_mode_enabled | UPT (Uniform Pass Thru) mode setting | boolean | Default: "False" |
EdgeDeploymentType (schema)
Supported edge deployment type.
| Name | Description | Type | Notes |
|---|---|---|---|
| EdgeDeploymentType | Supported edge deployment type. | string | Enum: VIRTUAL_MACHINE, PHYSICAL_MACHINE, UNKNOWN |
EdgeDiagnosis (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| config | Edge Config Diagnosis | EdgeConfigDiagnosis | Required |
| ha-state | HA State | string | Required Enum: disabled, offline, discover, statesync, inactive, active, unknown |
EdgeDiagnosisInconsistency (schema)
NSX Edge inconsistency check
| Name | Description | Type | Notes |
|---|---|---|---|
| detail | NSX Edge inconsistency check detail NSX Edge inconsistency check detail |
array of string | |
| title | NSX Edge inconsistency check type NSX Edge inconsistency check type |
string |
EdgeDiagnosisInconsistencyResult (schema)
NSX Edge inconsistency check result
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | NSX Edge inconsistency check result | array of EdgeDiagnosisInconsistency | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EdgeFormFactor (schema)
Supported edge form factor.
| Name | Description | Type | Notes |
|---|---|---|---|
| EdgeFormFactor | Supported edge form factor. | string | Enum: SMALL, MEDIUM, LARGE, XLARGE |
EdgeHighAvailabilityProfile (schema) (Deprecated)
Profile for BFD HA cluster setting
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| bfd_allowed_hops | BFD allowed hops | integer | Minimum: 1 Maximum: 255 Default: "255" |
| bfd_declare_dead_multiple | Number of times a packet is missed before BFD declares the neighbor down. | integer | Minimum: 2 Maximum: 16 Default: "3" |
| bfd_probe_interval | the time interval (in millisec) between probe packets for heartbeat purpose | integer | Minimum: 50 Maximum: 60000 Default: "500" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value EdgeHighAvailabilityProfile | ClusterProfileType | Required |
| standby_relocation_config | Standby service contexts relocation setting | StandbyRelocationConfig | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EdgeIPSecDetermRSSSetting (schema)
Information about Edge IPSec Deterministic RSS Setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| deterministic_esp_rss | Deterministic ESP RSS Config Deterministically queue ESP packets to CPU queues, to achieve higher throughout. |
boolean | |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value EdgeIPSecDetermRSSSetting | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EdgeIPSecDetermRSSValues (schema)
Information about Edge IPSec Deterministic RSS Values.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| deterministic_esp_rss_driver_status | Deterministic ESP RSS Driver Status Shows driver status of deterministic esp rss feature. |
string | Enum: ENABLED, DISABLED |
| deterministic_esp_rss_enabled | Deterministic ESP RSS Config Status Shows configured value of deterministic esp rss feature. |
boolean | |
| deterministic_esp_rss_status | Deterministic ESP RSS Runtime Status Shows runtime status of deterministic esp rss feature. |
string | Enum: ENABLED, DISABLED |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value EdgeIPSecDetermRSSValues | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EdgeInconsistencyQueryParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) A cursor points to a specific record in the inconsistency check result |
integer | Minimum: 0 |
| page_size | Maximum number of results to return in this page (server may return fewer) The page size determines the number of records to be returned |
integer | Minimum: 1 Maximum: 100 |
EdgeMemberAllocationStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocated_services | Services allocated on edge node List of services allocated on the edge node. |
array of AllocatedService | Readonly |
| allocation_pools | Pool Allocation details Allocation details of pools defined on the edge node. |
array of AllocationPool | Readonly |
| member_index | System generated index for cluster member System generated index for transport node backed by edge node. |
int | Readonly |
| node_display_name | Identifier to use when displaying cluster member in logs or GUI Display name of edge cluster member. Defaults to ID if not set. |
string | Readonly |
| node_id | Unique identifier of edge node System allotted UUID of edge node. |
string | Readonly |
EdgeNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| allocation_list | Allocation list List of logical router ids to which this edge node is allocated. |
array of string | Readonly |
| deployment_config | Config for automatic deployment of edge node virtual machine. When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP. |
EdgeNodeDeploymentConfig | |
| deployment_type | EdgeDeploymentType | Readonly | |
| description | Description of this resource This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload. |
string | Deprecated Maximum length: 1024 Sortable |
| discovered_ip_addresses | Discovered IP Addresses of the fabric node, version 4 or 6 | array of IPAddress | Readonly |
| display_name | Identifier to use when displaying entity in logs or GUI This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload. |
string | Deprecated Maximum length: 255 Sortable |
| external_id | ID of the Node maintained on the Node and used to recognize the Node | string | |
| fqdn | Fully qualified domain name of the fabric node | string | Readonly |
| id | Unique identifier of this resource Unique identifier of this resource. |
string | Sortable |
| ip_addresses | IP Addresses of the Node, version 4 or 6 IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered. |
array of IPAddress | |
| node_settings | Current configuration on edge node. Reports the current configuration of host name, SSH and servers configured for DNS, syslog, NTP. The settings are configured as part of automatic deployment of edge virtual machine. The settings are editable. |
EdgeNodeSettings | Required |
| resource_type | Must be set to the value EdgeNode | string | Required |
| tags | Opaque identifiers meaningful to the API user This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload. |
array of Tag | Deprecated Maximum items: 30 |
EdgeNodeDeploymentConfig (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| form_factor | EdgeFormFactor | Default: "MEDIUM" | |
| node_user_settings | Node user settings Username and password settings for the node. Note - these settings will be honored only during node deployment. Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect. |
NodeUserSettings | Required |
| vm_deployment_config | DeploymentConfig (Abstract type: pass one of the following concrete types) DeploymentConfig VsphereDeploymentConfig |
Required |
EdgeNodeRefreshRequestParameters (schema)
Parameters for Edge node refresh request
| Name | Description | Type | Notes |
|---|---|---|---|
| read_only | Read-only flag for Refresh API If readonly is true, then internal objects like resource reservation, allocation etc are updated. Note that Edge transport node intent is not updated. If it is false or if not set, then internal objects and Edge transport node intent both are updated |
boolean | Default: "False" |
EdgeNodeServiceLoggingProperties (schema)
Edge node service properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| service_name | Service name | string | Required |
| service_properties |
EdgeNodeServiceLoggingReadOnlyProperties (schema)
Edge node service properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| service_name | Service name | string | Required |
| service_properties |
EdgeNodeSettings (schema)
The settings are used during deployment and consequent update of an edge,
unless indicated otherwise.
These settings are editable for manually deployed edge nodes as well.
If using DHCP, you must leave the following fields unset: search_domains,
management_port_subnets, dns_servers and default_gateway_addresses.
EdgeNodeSettings reports current values configured on the edge node.
If the settings lag with actual state on the edge,
these may be refreshed at NSX Manager using API POST api/v1/transport-nodes
/<transport-node-id>?action=refresh_node_configuration&resource_type=
EdgeNode
| Name | Description | Type | Notes |
|---|---|---|---|
| advanced_configuration | Advanced configuration Array of additional specific properties for advanced or cloud- specific deployments in key-value format. |
array of KeyValuePair | |
| allow_ssh_root_login | Allow root SSH logins. Allowing root SSH logins is not recommended for security reasons. Edit of this property is not supported when updating transport node. Use the CLI to change this property. |
boolean | Default: "False" |
| dns_servers | DNS servers. List of DNS servers. |
array of IPAddress | |
| enable_ssh | Enable SSH. Enabling SSH service is not recommended for security reasons. |
boolean | Default: "False" |
| enable_upt_mode | Enable Uniform Passthrough mode. Enable Uniform Passthrough ( UPT ) on VMXNET 3 devices to improve overall system performance and reduces latency. Caution: This involves restart of the edge dataplane and hence may lead to network disruption. Use GET api/v1/transport-nodes/ to monitor realization of UPT. |
boolean | Default: "False" |
| hostname | Host name or FQDN for edge node. | string | Required Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$" |
| ntp_servers | NTP servers. List of NTP servers. |
array of HostnameOrIPAddress | |
| search_domains | Search domain names. List of domain names that are used to complete unqualified host names. |
array of string | |
| syslog_servers | Syslog servers List of Syslog server configuration. |
array of SyslogConfiguration | Maximum items: 5 |
EdgeTransportNodeDatapathMemoryPoolUsage (schema)
Usage of datapath memory pool
Datapath memory pool usage value.
| Name | Description | Type | Notes |
|---|---|---|---|
| description | Description of the memory pool Description of the memory pool. |
string | Readonly |
| name | Name of the datapath memory pool Name of the datapath memory pool as available on edge node CLI. |
string | Readonly |
| usage | Percentage of memory pool in use Percentage of memory pool in use. |
number | Readonly |
EdgeTransportNodeDatapathMemoryUsage (schema)
Detailed view of the datapath memory usage. Details out the heap and per memory pool usage
Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.
| Name | Description | Type | Notes |
|---|---|---|---|
| datapath_heap_usage | Percentage of heap memory in use Percentage of heap memory in use. |
number | Readonly |
| datapath_mem_pools_usage | array of EdgeTransportNodeDatapathMemoryPoolUsage | ||
| highest_datapath_mem_pool_usage | Highest percentage usage value among datapath memory pools Highest percentage usage value among datapath memory pools. |
number | Readonly |
| highest_datapath_mem_pool_usage_names | array of string |
EdgeTransportNodeMemoryUsage (schema)
Memory usage details of edge node
Point in time usage of system, datapath, swap and cache memory in edge node.
| Name | Description | Type | Notes |
|---|---|---|---|
| cache_usage | Percentage of RAM on the system that can be flushed out to disk Percentage of RAM on the system that can be flushed out to disk. |
number | Readonly |
| datapath_mem_usage_details | Detailed view of the datapath memory usage. Details out the heap and per memory pool usage Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage. |
EdgeTransportNodeDatapathMemoryUsage | Readonly |
| datapath_total_usage | Percentage of memory in use by datapath processes Percentage of memory in use by datapath processes which includes RES and hugepage memory. |
number | Readonly |
| swap_usage | Percentage of swap disk in use Percentage of swap disk in use. |
number | Readonly |
| system_mem_usage | Percentage of RAM in use on edge node Percentage of RAM in use on edge node. |
number | Readonly |
EdgeUpgradeStatus (schema)
Status of edge upgrade
| Name | Description | Type | Notes |
|---|---|---|---|
| can_rollback | Can perform rollback This field indicates whether we can perform upgrade rollback. |
boolean | Readonly |
| can_skip | Can the upgrade of the remaining units in this component be skipped | boolean | Readonly |
| component_type | Component type for the upgrade status | string | Readonly |
| current_version_node_summary | Mapping of current versions of nodes and counts of nodes at the respective versions. | NodeSummaryList | Readonly |
| details | Details about the upgrade status | string | Readonly |
| node_count_at_target_version | Count of nodes at target component version Number of nodes of the type and at the component version |
int | Readonly |
| percent_complete | Indicator of upgrade progress in percentage | number | Required Readonly |
| pre_upgrade_status | Pre-upgrade status of the component-type | UpgradeChecksExecutionStatus | Readonly |
| status | Upgrade status of component | string | Required Readonly Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED |
| target_component_version | Target component version | string | Readonly |
EffectiveIPAddressMemberListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of effective ip addresses for the given NSGroup | array of IPElement | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EffectiveIPInfo (schema)
List of effective ip address along with site id
| Name | Description | Type | Notes |
|---|---|---|---|
| effective_ips | array of IPElement | Required | |
| site_id | Id of the site to which the effective IPs belong to | string | Required |
EffectiveMemberResourceListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of resources which are the effective members of an NSGroup. | array of ResourceReference | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EffectiveMemberTypeListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| result_count | Count of the member types in the results array | integer | Required Readonly |
| results | Collection of member types for the given NSGroup | array of NSGroupValidResourceType | Required |
EffectiveProfileListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged Collection of profiles which are applied to an Entity | array of NSXProfileReference | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EffectiveProfileRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| profile_type | Fetch effectivw profiles of the given profile_type | string | |
| resource_id | The resource for which the effective profiles are to be fetched | string | Required |
| resource_type | Type of the resource for which effective profiles are to be fetched | EffectiveProfileResourceType | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EffectiveProfileResourceType (schema)
Valid Resource type in effective profiles API
This enum defines the valid Resource types to be used
in effective profiles API
| Name | Description | Type | Notes |
|---|---|---|---|
| EffectiveProfileResourceType | Valid Resource type in effective profiles API This enum defines the valid Resource types to be used in effective profiles API |
string | Enum: NSGroup, LogicalPort, VirtualMachine, TransportNode, LogicalRouter, LogicalSwitch |
EffectiveProfilesResponse (schema)
Enforcement point request entity
| Name | Description | Type | Notes |
|---|---|---|---|
| profiles_list | array of SwitchingProfileTypeIdEntry |
EgressRateLimiter (schema)
A shaper that specifies egress rate properties in Mb/s
| Name | Description | Type | Notes |
|---|---|---|---|
| average_bandwidth | Average bandwidth in Mb/s | int | Minimum: 0 Default: "0" |
| burst_size | Burst size in bytes | int | Minimum: 0 Default: "0" |
| enabled | boolean | Required | |
| peak_bandwidth | Peak bandwidth in Mb/s | int | Minimum: 0 Default: "0" |
| resource_type | Must be set to the value EgressRateLimiter | string | Required Enum: IngressRateLimiter, IngressBroadcastRateLimiter, EgressRateLimiter Default: "IngressRateLimiter" |
EgressRateShaper (schema) (Deprecated)
A shaper that specifies egress rate properties in Mb/s
| Name | Description | Type | Notes |
|---|---|---|---|
| average_bandwidth_mbps | Average bandwidth in Mb/s | int | Minimum: 0 Default: "0" |
| burst_size_bytes | Burst size in bytes | int | Minimum: 0 Default: "0" |
| enabled | boolean | Required | |
| peak_bandwidth_mbps | Peak bandwidth in Mb/s | int | Minimum: 0 Default: "0" |
| resource_type | Must be set to the value EgressRateShaper | string | Required Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper Default: "IngressRateShaper" |
EmbeddedResource (schema)
Base class for resources that are embedded in other resources
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _owner | Owner of this resource | OwnerResourceLink | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Identifier of the resource | string | Readonly |
| resource_type | The type of this resource. | string |
EncapsulationType (schema)
Encapsulation type for L3PortMirrorSession
You can choose the encapsulation type of the mirroring, now we support
GRE, ERSPAN II and ERSPAN III.
| Name | Description | Type | Notes |
|---|---|---|---|
| EncapsulationType | Encapsulation type for L3PortMirrorSession You can choose the encapsulation type of the mirroring, now we support GRE, ERSPAN II and ERSPAN III. |
string | Enum: GRE, ERSPAN_TWO, ERSPAN_THREE |
Endpoint (schema)
Tunnel endpoint configuration
An Endpoint object is part of HostSwitch configuration in TransportNode
| Name | Description | Type | Notes |
|---|---|---|---|
| default_gateway | Gateway IP | IPAddress | Readonly |
| device_name | Name of the virtual tunnel endpoint | string | Readonly |
| ip | IP Address of this virtual tunnel endpoint Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool. |
IPAddress | Readonly |
| ipv6 | IPv6 endpoint | IPv6EndPoint | Readonly |
| label | Unique label for this Endpoint | int | Readonly |
| mac | MAC address | MACAddress | Readonly |
| subnet_mask | Subnet mask | IPAddress | Readonly |
EndpointPolicy (schema)
Contains ordered list of Endpoint Rules
Ordered list of Endpoint Rules ordered by sequence number of the entries.
The maximum number of policies is 25.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildEndpointRule |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| endpoint_rules | Endpoint Rules that are a part of this EndpointPolicy | array of EndpointRule | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EndpointPolicy | string | |
| sequence_number | Precedence to resolve conflicts across Domains This field is used to resolve conflicts between maps across domains. |
int | Minimum: 0 Maximum: 499 Default: "0" |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
EndpointPolicyListRequestParameters (schema)
EndpointPolicy list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EndpointPolicyListResult (schema)
Paged Collection of Groups
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Guest Introspection Map list results | array of EndpointPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EndpointRule (schema)
Endpoint Rule for guest introspection.
Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| groups | group paths We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Required Maximum items: 50 |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EndpointRule | string | |
| sequence_number | Sequence number of this Entry This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user. |
int | Minimum: 0 Maximum: 499 Default: "0" |
| service_profiles | Names of service profiles The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed. |
array of string | Required Maximum items: 1 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
EndpointRuleListRequestParameters (schema)
Endpoint Rule list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EndpointRuleListResult (schema)
Paged Collection of Endpoint Rules
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Endpoint Rule list results | array of EndpointRule | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EnforcedStatusDetailsNsxT (schema)
NSX-T Enforced Realized Status Details
Detailed Realized Status of an intent object on an NSX-T type of enforcement point. This is
a detailed view of the Realized Status of an intent object from an NSX-T enforcement point
perspective.
| Name | Description | Type | Notes |
|---|---|---|---|
| enforced_status_info | Enforced Realized Status Info Information about the realized status of the intent on this enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info. |
EnforcedStatusInfoNsxT | Readonly |
| pending_changes_info | Pending Changes Info Information about pending changes, if any, that aren't reflected in the Enforced Realized Status. |
PendingChangesInfoNsxT | Readonly |
EnforcedStatusInfoNsxT (schema)
NSX-T Enforced Realized Status Information
Information about the realized status of the intent object on an NSX-T type of enforcement point.
Some very recent changes may be excluded when preparing this information, which is indicated by
Pending Changes Info. In addition to the realized status across all scopes, this information holds
details about enforced realized status per scope.
| Name | Description | Type | Notes |
|---|---|---|---|
| enforced_status | Enforced Realized Status Consolidated Realized Status of an Intent object across all scopes of an NSX-T type of enforcement point. |
EnforcedStatusNsxT | Readonly |
| enforced_status_per_scope | List of Enforced Realized Status per Scope List of Enforced Realized Status per Scope. |
array of EnforcedStatusPerScopeNsxT (Abstract type: pass one of the following concrete types) TransportNodeSpanEnforcedStatus |
Readonly |
EnforcedStatusNsxT (schema)
NSX-T Enforced Status
NSX-T Enforced Status.
| Name | Description | Type | Notes |
|---|---|---|---|
| status | Enforced Realized Status Enforced Realized Status. |
RuntimeState | Readonly |
| status_message | Status Message Status Message conveying hints depending on the status value. |
string | Readonly |
EnforcedStatusPerScopeNsxT (schema)
NSX-T Enforced Realized Status Per Scope
NSX-T Detailed Realized Status Per Scope.
This is an abstract type. Concrete child types:
TransportNodeSpanEnforcedStatus
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Resource Type Enforced Realized Status Per Scope Resource Type. |
string | Required Readonly Enum: TransportNodeSpanEnforcedStatus |
EnforcedStatusPerTransportNode (schema)
Enforced Realized Status Per Transport Node
Detailed Realized Status Per Transport Node.
| Name | Description | Type | Notes |
|---|---|---|---|
| display_name | Transport Node Display Name Display name of the transport node. |
string | Readonly |
| enforced_status | Enforced Realized Status Realized Status of an Intent object on this Transport Node. |
EnforcedStatusNsxT | Readonly |
| nsx_id | Transport Node Identifier UUID identifying uniquely the Transport Node. |
string | Readonly |
| path | Transport Node Path Policy Path referencing the transport node. |
string | Readonly |
EnforcementPoint (schema)
Enforcement Point
Enforcement point is the endpoint where policy configurations are applied.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| auto_enforce | Auto Enforce Flag Auto enforce flag suggests whether the policy objects shall be automatically enforced on this enforcement point or not. When this flag is set to true, all policy objects will be automatically enforced on this enforcement point. If this flag is set to false, user shall rely on the usual means of realization, i.e., deployment maps. |
boolean | Default: "True" |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildClusterControlPlane ChildHostTransportNode ChildHostTransportNodeCollection ChildPolicyEdgeCluster ChildPolicyTransportZone ChildSubCluster |
|
| connection_info | Enforcement Point Connection Info Connection Info of the Enforcement Point. |
EnforcementPointConnectionInfo (Abstract type: pass one of the following concrete types) AviConnectionInfo CvxConnectionInfo NSXTConnectionInfo NSXVConnectionInfo |
Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EnforcementPoint | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| version | Enforcement point Version Version of the Enforcement point. |
string | Readonly |
EnforcementPointConnectionInfo (schema)
Enforcement Point Connection Info
Contains information required to connect to enforcement point.
This is an abstract type. Concrete child types:
AviConnectionInfo
CvxConnectionInfo
NSXTConnectionInfo
NSXVConnectionInfo
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_address | Enforcement Point Address Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be "10.192.1.1" - On an NSX-T MP running on custom port, the value could be "192.168.1.1:32789" - On an NSX-T MP in VMC deployments, the value could be "192.168.1.1:5480/nsxapi" |
string | Required |
| resource_type | Connection Info Resource Type Resource Type of Enforcement Point Connection Info. |
string | Required Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo, AviConnectionInfo |
EnforcementPointListRequestParameters (schema)
Enforcement Point List Request Parameters
Enforcement point list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EnforcementPointListResult (schema)
Paged Collection of EnforcementPoints
Paged collection of enforcement points.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Enforcement Point List Results Enforcement Point list Results. |
array of EnforcementPoint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EnforcementPointRequest (schema)
Enforcement point request entity
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_path | Enforcement point path Policy path of enforcement point on request is to be made. |
string |
EntityInstanceCountConstraintExpression (schema)
Represents the leaf level constraint to restrict the number instances of type.
Represents the leaf level constraint to restrict the number of instances of an entity
type that can be created.
Lowering the limit on the number of instances of a given type is allowed even in cases
where there are instances more than the specified limit already in the system.
In this case, creation of new instances of that type will be disallowed unless the number
of instances goes below the limit.
One of the main usage of this expression is to implement Quotas in the multi-tenancy context.
It allows to limit the number of resources which can be created inside a Project or Vpc.
It also forbids consumption of specific resource by putting its entity count to 0.
Note that, update/delete operations will continue to be allowed on already created instances.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| count | Instance count. Instance count. |
integer | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| operator | Operations supported '<' and '<='. | string | Required |
| resource_type | Must be set to the value EntityInstanceCountConstraintExpression | string | Required Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_resource_type | Resource type of the target entity. This needs to be set for all
cases where the target does not specify the type.
Target resource type accepts input as DTO Type or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type SecurityPolicy.Rule. |
string |
EntityType (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| EntityType | string | Enum: MANAGER, CONTROLLER, POLICY, HTTPS, CLUSTER_BOOT_MANAGER, DATASTORE, GLOBAL_MANAGER, ASYNC_REPLICATOR, MONITORING, IDPS_REPORTING, CORFU_NONCONFIG |
EpochMsTimestamp (schema)
Timestamp in milliseconds since epoch
| Name | Description | Type | Notes |
|---|---|---|---|
| EpochMsTimestamp | Timestamp in milliseconds since epoch | integer |
ErrorClass (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| error_code | Error code Error code for the error/warning |
integer | Required Readonly |
| error_message | Error/warning message Error/warning message |
string | Required Readonly |
ErrorInfo (schema)
Error information
| Name | Description | Type | Notes |
|---|---|---|---|
| error_code | Error code Error code of the error. |
int | |
| error_message | Error message | string | Required Readonly |
| timestamp | Timestamp when the error occurred | EpochMsTimestamp | Required Readonly |
ErrorResolverInfo (schema)
Metadata related to a given error_id
| Name | Description | Type | Notes |
|---|---|---|---|
| error_id | The error id for which metadata information is needed | integer | Required |
| resolver_present | Indicates whether there is a resolver associated with the error or not | boolean | Required |
| user_metadata | User supplied metadata that might be required by the resolver | ErrorResolverUserMetadata |
ErrorResolverInfoList (schema)
Collection of all registered ErrorResolverInfo
| Name | Description | Type | Notes |
|---|---|---|---|
| results | ErrorResolverInfo list | array of ErrorResolverInfo | Required |
ErrorResolverMetadata (schema)
Error along with its metadata
| Name | Description | Type | Notes |
|---|---|---|---|
| entity_id | The entity/node UUID where the error has occurred. | string | Required |
| error_id | The error id as reported by the entity where the error occurred. | integer | Required |
| system_metadata | This can come from some external system like syslog collector | ErrorResolverSystemMetadata | |
| user_metadata | User supplied metadata that might be required by the resolver | ErrorResolverUserMetadata |
ErrorResolverMetadataList (schema)
List of errors with their metadata
| Name | Description | Type | Notes |
|---|---|---|---|
| errors | List of errors with their corresponding metadata. | array of ErrorResolverMetadata | Required |
ErrorResolverSystemMetadata (schema)
Metadata fetched from an external system like Syslog or LogInsight.
| Name | Description | Type | Notes |
|---|---|---|---|
| value | The value fetched from another system | string |
ErrorResolverUserInputData (schema)
Corresponds to one property entered by the user
| Name | Description | Type | Notes |
|---|---|---|---|
| data_type | The datatype of the given property. Useful for data validation | string | Required Enum: TEXT, NUMBER, PASSWORD |
| property_name | Name of the property supplied by the user | string | Required |
| property_value | The value associated with the above property | string |
ErrorResolverUserMetadata (schema)
User supplied metadata needed for resolving errors
| Name | Description | Type | Notes |
|---|---|---|---|
| user_input_list | List of user supplied input data. | array of ErrorResolverUserInputData |
EsgToRouterMappingOptionSpec (schema)
Spec for NSX-V ESG to NSX-T Router mapping option
Spec for NSX-V ESG to NSX-T Router mapping option.
| Name | Description | Type | Notes |
|---|---|---|---|
| mapping_option | Mapping option Mapping option can be - - UI - FILE_UPLOAD - NO_MAPPING |
string | Required Enum: UI, FILE_UPLOAD, NO_MAPPING |
EsxGlobalOpaqueConfig (schema)
ESX global opaque configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| opaque_config | A list of global opaque configuration for ESX hosts. | array of KeyValuePair | Required |
| resource_type | Must be set to the value EsxGlobalOpaqueConfig | GlobalConfigType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
EtherTypeNSService (schema)
An NSService element that represents an ethertype protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| ether_type | Type of the encapsulated protocol | integer | Required |
| resource_type | Must be set to the value EtherTypeNSService | string | Required Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService |
EtherTypeServiceEntry (schema)
A ServiceEntry that represents an ethertype protocol
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| ether_type | Type of the encapsulated protocol | integer | Required |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EtherTypeServiceEntry | string | Required Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry, NestedServiceServiceEntry |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
EthernetHeader (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| dst_mac | Destination MAC address of the Ethernet header The destination MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. |
string | |
| eth_type | The value of the type field to be put into the Ethernet header This field defaults to IPv4. |
integer | Minimum: 1 Maximum: 65535 Default: "2048" |
| src_mac | Source MAC address of the Ethernet header The source MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. |
string |
Evaluation (schema)
Criterion Evaluation
Criterion Evaluation is the basic logical condition to evaluate
whether the event could be potentially met.
This is an abstract type. Concrete child types:
SourceFieldEvaluation
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Resource Type Criterion Evaluation resource type. |
string | Required Enum: SourceFieldEvaluation |
Event (schema)
Reaction Event
The Event is the criterion or criteria applied to the source and,
when met, prompt Policy to run the action.
All Reaction Events are constructed with reference to
the object, the "source", that is logically deemed to be the
object upon which the Event in question initially occurred upon.
Some example events include:
- New object was created.
- Change in realization state.
- Specific API is called.
| Name | Description | Type | Notes |
|---|---|---|---|
| criteria | Event Criteria Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR). |
array of Criterion | |
| source | Event Source Source that is logically deemed to be the "object" upon which the Event in question initially occurred upon. |
Source (Abstract type: pass one of the following concrete types) ApiRequestBody ResourceOperation |
Required |
EventListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of events defined | array of MonitoringEvent | Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EvpnConfig (schema)
Evpn Configuration
Evpn Configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| advanced_config | Advanced configuration for evpn config Advanced configuration for evpn config. |
EvpnConfigAdvancedConfig | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| encapsulation_method | Encapsulation method for EVPN. Encapsulation method for EVPN service that is used by the transport layer. |
EvpnEncapConfig | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| mode | EVPN service mode In INLINE mode, edge nodes participate both in the BGP EVPN control plane route exchange and in data path tunneling between edge nodes and data center gateways. In ROUTE_SERVER mode, edge nodes participate in the BGP EVPN control plane route exchanges only and do not participate in the data forwarding, i.e., the data path tunnels are directly established between the hypervisors and the data center gateways. DISABLE mode disables EVPN service capability. |
string | Enum: INLINE, ROUTE_SERVER, DISABLE Default: "DISABLE" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EvpnConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
EvpnConfigAdvancedConfig (schema)
Advanced configuration for evpn config
NSX specific configuration for evpn config
| Name | Description | Type | Notes |
|---|---|---|---|
| EvpnConfigAdvancedConfig | Advanced configuration for evpn config NSX specific configuration for evpn config |
object |
EvpnEncapConfig (schema)
Encapsulation method for EVPN
Encapsulation method for EVPN.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| evpn_tenant_config_path | EVPN tenant config path | string | |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EvpnEncapConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| vni_pool_path | vni pool path | string |
EvpnTenantConfig (schema)
Evpn Tenant Configuration for Evpn in ROUTE-SERVER mode.
This resource is relevant only when Evpn Service is configured in ROUTE-SERVER mode.
The resource defines Vlans to VNIs mappings used by Evpn tenant VMs for overlay VXLAN transmission when attached
to vRouter. The resource contains overlay transport_zone_path and vni_pool_path to orchestrate creation of child Logical-Switches.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mappings | VLANs to VNIs mapping spec This property specifies a mapping spec of incoming Evpn tenant vlan-ids to VXLAN VNIs used for overlay transmission to Physical-Gateways used by vRouters. |
array of VlanVniRangePair | Required Minimum items: 1 Maximum items: 2000 |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EvpnTenantConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| transport_zone_path | Policy path to the transport zone Policy path to transport zone. Only overlay transport zone is supported. |
string | Required |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
| vni_pool_path | Policy path to the vni pool Policy path to the vni pool used for Evpn in ROUTE-SERVER mode. |
string | Required |
EvpnTenantConfigListRequestParameters (schema)
Evpn Tenant Config list request parameters
Evpn Tenant Config list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EvpnTenantConfigListResult (schema)
Paged Collection of Evpn Tenant Configuration
Collection of Evpn Tenant Configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Evpn Tenant Config list results Evpn Tenant Config list results |
array of EvpnTenantConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
EvpnTunnelEndpointConfig (schema)
Evpn Tunnel Endpoint Configuration
Evpn Tunnel Endpoint Configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| edge_path | edge path | string | Required |
| id | Unique identifier of this resource | string | Sortable |
| local_addresses | local addresses | array of IPv4Address | Required Minimum items: 1 Maximum items: 1 |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| mtu | MTU | int | Minimum: 64 Maximum: 9100 |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value EvpnTunnelEndpointConfig | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
EvpnTunnelEndpointConfigListRequestParameters (schema)
Evpn Tunnel Endpoint Config list request parameters
Evpn Tunnel Endpoint Config list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
EvpnTunnelEndpointConfigListResult (schema)
Paged Collection of Evpn Tunnel Endpoint Configuration
Collection of Evpn Tunnel Endpoint Configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Evpn Tunnel Endpoint Configuration list results Evpn Tunnel Endpoint Configuration list results |
array of EvpnTunnelEndpointConfig | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ExcludeList (schema)
Exclusion List
List of entities where Distributed Firewall will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es) to exclude Distributed Firewall enforcement.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| member_count | Total Member Count Total number of members present in Exclude List. |
integer | Readonly |
| members | Member list List of members in Exclusion List |
array of ResourceReference | Required Maximum items: 1000 |
| resource_type | Must be set to the value ExcludeList | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ExcludeListRequestParams (schema)
Parameters for filtering the exclude list
| Name | Description | Type | Notes |
|---|---|---|---|
| deep_check | Check all parents Deep check all parents of requested object_id if any of them is in exclude list. If found, makes requested entity as excluded. |
boolean | Default: "False" |
| object_id | identifier of the object | string | Required Maximum length: 64 |
| object_type | Type of the object Used if requested for deep_check. Type allows ability to find its association and parent entities. |
ExcludeMemberType |
ExcludeMemberType (schema)
Object type of an entity
Enum of supported excluded member types.
| Name | Description | Type | Notes |
|---|---|---|---|
| ExcludeMemberType | Object type of an entity Enum of supported excluded member types. |
string | Readonly Enum: NSGroup, LogicalPort, LogicalSwitch |
ExcludedMembersList (schema)
Represents the list of members that need to be excluded
Represents the list of members that need to be excluded
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_address_expression | IP addresses which need to be excluded | IPAddressExpression | |
| path_expression | Paths which need to be excluded. Paths can be only IP address based groups. Upto 50 paths are allowed. |
PathExpression |
ExportRequestParameter (schema)
Export task request parameters
This holds the request parameters required to invoke export task.
| Name | Description | Type | Notes |
|---|---|---|---|
| draft_path | Policy path of draft Policy path of a draft which is to be exported. If not provided, current firewall configuration will then be exported. |
string | |
| passphrase | Passphrase to sign exported files Passphrase to sign exported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character. |
secure_string | Required |
ExportTask (schema)
Export task information
This object holds the information of the export task.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| async_response_available | True if response for asynchronous request is available | boolean | Readonly |
| cancelable | True if this task can be canceled | boolean | Readonly |
| description | Description of the task | string | Readonly |
| draft_path | Policy path of a draft Policy path of a draft if this is an export task to export draft configuration. |
string | Readonly |
| end_time | The end time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| exported_file | Name of the exported file Name of the exported file generated after completion of export task. |
string | Readonly |
| failure_msg | Reason of the task failure This property holds the reason of the task failure, if any. |
string | Readonly |
| id | Identifier for this task | string | Readonly |
| message | A message describing the disposition of the task | string | Readonly |
| progress | Task progress if known, from 0 to 100 | integer | Readonly Minimum: 0 Maximum: 100 |
| request_method | HTTP request method | string | Readonly |
| request_uri | URI of the method invocation that spawned this task | string | Readonly |
| start_time | The start time of the task in epoch milliseconds | EpochMsTimestamp | Readonly |
| status | Current status of the task | TaskStatus | Readonly |
| user | Name of the user who created this task | string | Readonly |
Expression (schema)
Base class for each node of the expression
All the nodes of the expression extend from this abstract class. This
is present for extensibility.
This is an abstract type. Concrete child types:
Condition
ConjunctionOperator
ExternalIDExpression
GroupScopeExpression
IPAddressExpression
IdentityGroupExpression
MACAddressExpression
NestedExpression
PathExpression
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value Expression | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ExtendDvpgWorkflowSpec (schema)
Extend DVPG workflow spec
Extend DVPG workflow spec.
| Name | Description | Type | Notes |
|---|---|---|---|
| bridge_profile_path | Policy path to L2 Bridge profile Policy path to L2 Bridge profile. Same bridge profile can be configured on different segments. Each bridge profile on a segment must be unique. It is required if bridge mode is chosen as EDGE_BRIDGE. |
string | |
| bridging_mode | Bridging mode Bridging mode. |
BridgingMode | Default: "EDGE_BRIDGE" |
| dhcpv4_server_ips | List of DHCPv4 server IP addresses IPs of DHCPv4 servers used by VMs connected to the DVPG in the subnet. |
array of string | |
| dhcpv6_server_ips | List of DHCPv6 server IP addresses IPs of DHCPv6 servers used by VMs connected to the DVPG in the subnet. |
array of string | |
| dvpg_id | DVPG ID DVPG ID. |
string | Required |
| ip_subnets | A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged. |
SegmentIpSubnets | Required |
| overlay_transport_zone_path | Overlay transport zone path The path of overlay transport zone in which the segment will be auto created. The default overlay-TZ will be used if it is not provided. |
string | |
| project_id | Project ID Project ID. |
string | |
| segment_name_for_auto_creation | Segment name for auto creation The segment name with which to auto create a segment for bridging the DVPG. Do not set this property if an existing segment will be used to bridge the DVPG. Only one of this property or the "segment_path" property must be set. |
string | |
| segment_path | Existing segment path to bridge DVPG The path of an existing segment to bridge the DVPG. Do not set this property if a new segment will be created to bridge the DVPG. Only one of this property or the "segment_name_for_auto_creation" property must be set. |
string | |
| type | Must be set to the value ExtendDvpgWorkflowSpec | WorkflowSpecType | Required |
| uplink_teaming_policy_name | Uplink teaming policy name The name of switching uplink teaming policy for bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property "vlan_transport_zone_path". |
string | |
| vlan_transport_zone_path | VLAN transport zone path The path of VLAN transport zone that represents the underlay L2 domain in which the DVPGs will be bridged to overlay segments. An unique VLAN transport zone should be assigned to each underlay L2 domain when needed for bridging. If two VLANs in two underlay L2 domains are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 domains still should have two different VLAN transport zones assigned to them. If it is not given when the 'bridging_mode' is EDGE_BRIDGE, the VLAN transport zone path in the config spec of the edge node(s) in the bridge profile of 'bridge_profile_path' will be used, or an error will be thrown if a unique VLAN transport zone path cannot be found in the spec of the edge node(s). |
string |
ExtendedSolutionConfig (schema)
Extended Solution Configuration Info
Extended Solution Config would contain Vendor specific information required for NXGI partner Service VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| attributes | Servcie attributes List of attributes specific to a partner which needs to be passed to host. |
array of Attribute | Maximum items: 128 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value ExtendedSolutionConfig | string | |
| service_id | Service Id The service to which the solution config belongs. |
string | Readonly |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
ExternalGatewayBfdConfig (schema)
External Bidirectional Flow Detection configuration
Configuration for BFD session between host nodes and external gateways.
If this configuration is not provided, system defaults are applied.
| Name | Description | Type | Notes |
|---|---|---|---|
| bfd_profile_path | Policy path to Bfd Profile | string | |
| enable | Enable BFD session Flag to enable BFD session. |
boolean | Default: "True" |
ExternalIDExpression (schema)
External ID expression node
Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces, virtual machines, CloudNativeServiceInstance PhysicalServer to a group.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| external_ids | Array of external IDs for the specified member type This array can consist of one or more external IDs for the specified member type. |
array of string | Required Minimum items: 1 |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| member_type | External ID member type | string | Required Enum: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, PhysicalServer |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ExternalIDExpression | string | Required Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ExtraConfig (schema) (Deprecated)
Vendor specific configuration on logical switch or logical port
Extra config is intended for supporting vendor specific configuration on the
data path, it can be set as key value string pairs on either logical switch
or logical port.
If it was set on logical switch, it will be inherited automatically by logical
ports in it. Also logical port setting will override logical switch setting
if specific key was dual set on both logical switch and logical port.
| Name | Description | Type | Notes |
|---|---|---|---|
| config_pair | Key value pair in string for the configuration | UnboundedKeyValuePair | Required |
ExtraConfigHostSwitchProfile (schema) (Deprecated)
Profile for extra configs in host switch
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| extra_configs | list of extra configs | array of ExtraConfig | |
| id | Unique identifier of this resource | string | Sortable |
| required_capabilities | array of string | Readonly | |
| resource_type | Must be set to the value ExtraConfigHostSwitchProfile | HostSwitchProfileType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FIPSGlobalConfig (schema)
Global configuration
Global configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| lb_fips_enabled | A flag to turn on or turn off the FIPS compliance of load balancer feature. This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature. |
boolean | Deprecated Readonly Default: "True" |
| tls_fips_enabled | A flag to turn on or turn off the FIPS compliance of TLS inspection feature. When this flag is set to true FIPS mode will be set on ssl encryptions of TLS inspection feature. |
boolean | Readonly Default: "False" |
FabricHostNode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| compute_collection_id | Compute collection id Id of the compute collection to which discovered node belongs. |
string | Readonly |
| discovered_ip_addresses | Discovered IP Addresses of the transport node, version 4 or 6 | array of IPAddress | Readonly |
| discovered_node_id | Discovered node id Id of discovered node which was converted to create this node. |
string | Readonly |
| dpu | List of DPU information Specifies details of data processing units (DPU) present on ESXi Host. |
array of DpuInfo | Readonly |
| fqdn | Fully qualified domain name of the transport node | string | Readonly |
| host_credential | Host login credentials Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node. |
HostNodeLoginCredential | |
| ip_addresses | IP Addresses of the Node, version 4 or 6 IP Addresses of the Node, version 4 or 6. |
array of IPAddress | Required |
| maintenance_mode_state | Maintenance mode state Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress. |
string | Readonly Enum: OFF, ENTERING, ON |
| managed_by_server | Id of vCenter server managing the HostNode The id of the vCenter server managing the ESXi type HostNode |
string | Readonly |
| os_type | Hypervisor OS type Hypervisor type, for example ESXi or RHEL KVM |
string | Required Enum: ESXI, RHELKVM, RHELSERVER, WINDOWSSERVER, RHELCONTAINER, UBUNTUKVM, UBUNTUSERVER, HYPERV, CENTOSKVM, CENTOSSERVER, CENTOSCONTAINER, SLESKVM, SLESSERVER, OELSERVER |
| os_version | Hypervisor OS version Version of the hypervisor operating system |
string | |
| windows_install_location | Install location of Windows Server on baremetal being managed by NSX Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\Program Files\VMware\NSX\. |
string |
FailedNodeSupportBundleResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| error_code | Error code | string | Required Readonly |
| error_message | Error message | string | Required Readonly |
| node_display_name | Display name of node | string | Required Readonly |
| node_id | UUID of node | string | Required Readonly |
| node_ip | IPv4 address of node | string | Required Readonly |
| node_ipv6 | IPv6 address of node | string | Required Readonly |
FailedOrWarningConfig (schema)
Failed or Warning Config
| Name | Description | Type | Notes |
|---|---|---|---|
| controller | Controller Connection State | string | |
| core | Core Names | array of string | |
| dataplane | Dataplane State | string | |
| edge-agent | Edge Agent State | string | |
| manager | Manager Connection State | string | |
| nestdb | NestDB State | string | |
| nsd | Nsd State | string | |
| nsxa-edge-cluster | Edge Cluster State | string | |
| nsxa-lrouter | Logical Router State | string | |
| nsxa-service-router | Service Router State | string | |
| nsxa-state | NSXA State | string |
FailureDomain (schema)
Failure Domain for edge transport node
Failure Domain is engineered to be isolated from failures in other failure
domains, and to provide inexpensive, low-latency network connectivity to
other failure domains in the same region. We support failure domain only on
edge transport node. Like you can consider one rack as one failure domain
and place active-standby contexts like logical router, DHCP and MDProxy in
two different failure domains (racks). So failure of a single rack (FD) does
not impact any services and other rack (FD) will continue to handle traffic.
Initially system creates one default failure domain. For any edge transport
node, if failure domains is not given, it will be mapped to default system
generated failure domain. You can't update preferred_active_edge_services
flag for system generated default failure domain. It will be unset which
means that failure domain can be used for both active and standby allocation.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| preferred_active_edge_services | Set preference for failure domain Set preference for edge transport node failure domain which will be considered while doing auto placement of logical router, DHCP and MDProxy on edge node. true: For preemptive failover mode, active edge cluster member allocation preferes this failure domain. false: For preemptive failover mode, standby edge cluster member allocation preferes this failure domain. Default will be unset. It means no explicit preference. |
boolean | |
| resource_type | Must be set to the value FailureDomain | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FailureDomainListResult (schema)
Failure Domain queries result
It will have list of failure domains which also includes system generated
failure domain.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Failure Domain Results Array of all failure domains including system generated default failure domain |
array of FailureDomain | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FastPathLcoreUsageStats (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
| lcore_rank_01_lcore_id | Lcore ID of Lcore Usage Rank 1. | int | |
| lcore_rank_01_lcore_usage | Rank 1 Lcore usage. | number | |
| lcore_rank_02_lcore_id | Lcore ID of Lcore Usage Rank 2. | int | |
| lcore_rank_02_lcore_usage | Rank 2 Lcore usage. | number | |
| lcore_rank_03_lcore_id | Lcore ID of Lcore Usage Rank 3. | int | |
| lcore_rank_03_lcore_usage | Rank 3 Lcore usage. | number | |
| lcore_rank_04_lcore_id | Lcore ID of Lcore Usage Rank 4. | int | |
| lcore_rank_04_lcore_usage | Rank 4 Lcore usage. | number | |
| lcore_rank_05_lcore_id | Lcore ID of Lcore Usage Rank 5. | int | |
| lcore_rank_05_lcore_usage | Rank 5 Lcore usage. | number | |
| lcore_rank_06_lcore_id | Lcore ID of Lcore Usage Rank 6. | int | |
| lcore_rank_06_lcore_usage | Rank 6 Lcore usage. | number | |
| lcore_rank_07_lcore_id | Lcore ID of Lcore Usage Rank 7. | int | |
| lcore_rank_07_lcore_usage | Rank 7 Lcore usage. | number | |
| lcore_rank_08_lcore_id | Lcore ID of Lcore Usage Rank 8. | int | |
| lcore_rank_08_lcore_usage | Rank 8 Lcore usage. | number | |
| lcore_rank_09_lcore_id | Lcore ID of Lcore Usage Rank 9. | int | |
| lcore_rank_09_lcore_usage | Rank 9 Lcore usage. | number | |
| lcore_rank_10_lcore_id | Lcore ID of Lcore Usage Rank 10. | int | |
| lcore_rank_10_lcore_usage | Rank 10 Lcore usage. | number | |
| lcore_rank_11_lcore_id | Lcore ID of Lcore Usage Rank 11. | int | |
| lcore_rank_11_lcore_usage | Rank 11 Lcore usage. | number | |
| lcore_rank_12_lcore_id | Lcore ID of Lcore Usage Rank 12. | int | |
| lcore_rank_12_lcore_usage | Rank 12 Lcore usage. | number | |
| lcore_rank_13_lcore_id | Lcore ID of Lcore Usage Rank 13. | int | |
| lcore_rank_13_lcore_usage | Rank 13 Lcore usage. | number | |
| lcore_rank_14_lcore_id | Lcore ID of Lcore Usage Rank 14. | int | |
| lcore_rank_14_lcore_usage | Rank 14 Lcore usage. | number | |
| lcore_rank_15_lcore_id | Lcore ID of Lcore Usage Rank 15. | int | |
| lcore_rank_15_lcore_usage | Rank 15 Lcore usage. | number | |
| lcore_rank_16_lcore_id | Lcore ID of Lcore Usage Rank 16. | int | |
| lcore_rank_16_lcore_usage | Rank 16 Lcore usage. | number | |
| number_of_lcores | number of valid lcores | int |
FastPathStats (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| flow_table_occupancy_0_pct | The number of flow tables in which up to 25% of entries are filled. | int | |
| flow_table_occupancy_25_pct | The number of flow tables in which 25-50% of entries are filled. | int | |
| flow_table_occupancy_50_pct | The number of flow tables in which 50-75% of entries are filled. | int | |
| flow_table_occupancy_75_pct | The number of flow tables in which 75-90% of entries are filled. | int | |
| flow_table_occupancy_90_pct | The number of flow tables in which 90-95% of entries are filled. | int | |
| flow_table_occupancy_95_pct | The number of flow tables in which 95% of entries are filled. | int | |
| flow_table_size | The number of flow table entries in a flow table. | int | |
| hits | Number of flow hits. | integer | |
| insertion_errors | The number of flow insertion failures. | integer | |
| miss | Packets that are processed by slowpath because of a flow miss. This has no overlap with the slowpath counters. | integer | |
| num_flow_tables | Num of flow tables on the host. | int | |
| num_flows | Total number of flows in all flow tables. | int | |
| num_flows_created | Total number of flows created. | integer | |
| slowpath | Packets that are always targeted to be processed by slowpath such as broadcast/multicast packets. | integer |
FastPathSysStats (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| host_enhanced_fastpath | Fast path stats for enhanced datapath module. | FastPathStats | |
| host_standard_fastpath | Fast path stats for legacy datapath module. | FastPathStats | |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has never updated the data. | EpochMsTimestamp | Readonly |
Fastpath (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rx_drops | Count of rx packet drops of ENS Fastpath / Not applicable for FC Module. | integer | |
| rx_drops_sp | Count of rx pkts drops of slowpath / Not applicable for FC Module. | integer | |
| rx_drops_uplink | Count of rx packet drops of ENS Uplink / Not applicable for FC Module. | integer | |
| tx_drops | Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic. | integer | |
| tx_drops_sp | Count of tx pkts drops by slowpath / Not applicable for FC Module. | integer | |
| tx_drops_uplink | Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink. | integer |
FeatureFlagGetRequestParam (schema)
Full site path. If site path is not provided, result for default NSX+ site will be returned
| Name | Description | Type | Notes |
|---|---|---|---|
| site_path | string |
FeaturePermission (schema)
Feature Permission
| Name | Description | Type | Notes |
|---|---|---|---|
| feature | Feature Id | string | Required |
| feature_description | Feature Description | string | |
| feature_name | Feature Name | string | |
| is_execute_recommended | Is execute recommended | boolean | Readonly |
| is_internal | Is internal | boolean | Readonly |
| permission | Permission | string | Required Enum: crud, read, execute, none |
FeaturePermissionArray (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| feature_permissions | Array of FeaturePermission | array of FeaturePermission | Required |
FeaturePermissionListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List results | array of FeaturePermission | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FeatureSet (schema)
List of features required to view the widget
Represents list of features required to view the widget.
| Name | Description | Type | Notes |
|---|---|---|---|
| feature_list | List of features required for to view wdiget List of features required for to view widget. |
array of string | |
| require_all_permissions | Flag for specifying if permission to all features is required Flag for specifying if permission to all features is required If set to false, then if there is permission for any of the feature from feature list, widget will be available. |
boolean |
FeatureStackCollectionConfiguration (schema)
HPM feature stack data collection frequency configuration
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| client_type_collection_configurations | Client type collection configurations The set of client type data collection configurations |
array of ClientTypeCollectionConfiguration | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| feature_stack_name | Feature stack name The name of the feature stack |
string | Required |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value FeatureStackCollectionConfiguration | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FeatureStackCollectionConfigurationList (schema)
Feature stack collection configuration list result
| Name | Description | Type | Notes |
|---|---|---|---|
| results | Feature stack configurations The complete set of feature stack data collection configurations |
array of FeatureStackCollectionConfiguration | Readonly |
FeatureType (schema)
Features type.
features type used on the node.
| Name | Description | Type | Notes |
|---|---|---|---|
| FeatureType | Features type. features type used on the node. |
string | Readonly Enum: DISTRIBUTED_FIREWALL, DISTRIBUTED_IPFIX, DISTRIBUTED_INTELLIGENCE, DISTRIBUTED_IDPS, GATEWAY_IDPS, DISTRIBUTED_MPS, GATEWAY_MPS, GATEWAY_FIREWALL, GATEWAY_TLS, NETWORK_DETECTION_RESPONSE, DISTRIBUTED_BAREMETAL, DISTRIBUTED_IPFIX_BAREMETAL, DISTRIBUTED_INTELLIGENCE_BAREMETAL |
FeatureUsage (schema)
feature usage result item
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| capacity_usage | Capacity Usage List | array of CapacityUsage | Required Readonly |
| feature | name of the feature | string | Readonly |
FeatureUsageCsvRecord (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ccu_usage_count | count of number of concurrent users | integer | Readonly |
| core_usage_count | Number of CPU cores used by this feature | integer | Readonly |
| cpu_usage_count | count of number of cpu sockets used by this feature | integer | Readonly |
| feature | name of the feature | string | Readonly |
| vcpu_usage_count | count of number of vcpus of public cloud VMs | integer | Readonly |
| vm_usage_count | count of number of vms used by this feature | integer | Readonly |
FeatureUsageList (schema)
list of feature usage items
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| feature_usage_info | Feature Usage List | array of FeatureUsage | Required Readonly |
FeatureUsageListInCsvFormat (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| file_name | File name File name set by HTTP server if API returns CSV result as a file. |
string | |
| last_update_timestamp | Timestamp when the data was last updated; unset if data source has
never updated the data. |
EpochMsTimestamp | Readonly |
| results | array of FeatureUsageCsvRecord |
FeatureUsages (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| DISTRIBUTED_BAREMETAL | Distributed Firewall on Bare Metal feature count Distributed Firewall on Bare Metal feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_FIREWALL | Distributed Firewall feature count Distributed Firewall feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_IDPS | Distributed IDPS feature count Distributed IDPS feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_INTELLIGENCE | Distributed Intelligence feature count Distributed Intelligence feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_INTELLIGENCE_BAREMETAL | Distributed Intelligence on Bare Metal feature count Distributed Intelligence on Bare Metal feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_IPFIX | Distributed IPFIX feature count Distributed IPFIX feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_IPFIX_BAREMETAL | Distributed IPFIX on Bare Metal feature count Distributed IPFIX on Bare Metal feature count. |
string | Readonly Default: "UNAVAILABLE" |
| DISTRIBUTED_MPS | Distributed MPS feature count Distributed MPS feature count. |
string | Readonly Default: "UNAVAILABLE" |
| GATEWAY_FIREWALL | Gateway stateful firewall feature count Gateway stateful firewall feature count |
string | Readonly Default: "UNAVAILABLE" |
| GATEWAY_IDPS | Gateway IDPS feature count Gateway IDPS feature count. |
string | Readonly Default: "UNAVAILABLE" |
| GATEWAY_MPS | Gateway MPS feature count Gateway MPS feature count |
string | Readonly Default: "UNAVAILABLE" |
| GATEWAY_TLS | Gateway TLS feature count Gateway TLS feature count. |
string | Readonly Default: "UNAVAILABLE" |
| NETWORK_DETECTION_RESPONSE | Network Detection Response feature count Network Detection Response feature count. |
string | Readonly Default: "UNAVAILABLE" |
FederationConfig (schema)
Global Manager federation configuration
Global Manager federation configuration. This configuration is distributed
to all Sites participating in federation.
| Name | Description | Type | Notes |
|---|---|---|---|
| site_config | Federation configurations of all Sites | array of SiteFederationConfig | Readonly |
FederationConfiguration (schema)
Federation configuration
Federation configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| epoch | Epoch | integer | Required |
| id | Federation id | string | Required |
| sites | Sites | array of FederationSite | Required |
FederationConnectivityConfig (schema)
Federation connectivity configuration
Additional configuration required for federation.
| Name | Description | Type | Notes |
|---|---|---|---|
| global_overlay_id | Auto generated federation global 24-bit id Global id for by Layer3 services for federation usecases. |
integer | Readonly |
FederationGatewayConfig (schema)
Federation gateway configuration
Additional gateway configuration required for federation
| Name | Description | Type | Notes |
|---|---|---|---|
| global_overlay_id | Auto generated federation global 24-bit id Global id for by Layer3 services for federation usecases. |
integer | Readonly |
| inter_site_transit_vlan_id | inter site transit vlan id | int | Readonly |
| site_allocation_indices | Indicies for cross site allocation
Indicies for cross site allocation for edge cluster and its members referred by gateway. |
array of SiteAllocationIndexForEdge | Readonly |
| transit_segment_id | Auto generated federation global id for transit segment Global UUID for transit segment id to be used by Layer2 services for federation usecases. |
string | Readonly |
FederationQueueInfo (schema)
Details about a specific queue in the flow
Provides insights into details of a specific queue in the flows. For example
Global Manager to Local Manager flow, there is a queue on the Global Manager
for sending and a queue on Local Manager for receiving.
| Name | Description | Type | Notes |
|---|---|---|---|
| current_size | Number of messages in the queue | integer | |
| max_size | Maixmum capacity of the queue | integer | |
| name | Queue name | string | |
| namespace | Queue namespace Every persistent queue has name and namespace. For more debugging like dumping queue, namespace is needed. |
string | |
| type | Queue type - sender or receiver side | string | Enum: TRANSMITTER, RECEIVER |
FederationSite (schema)
Site information
Site information.
| Name | Description | Type | Notes |
|---|---|---|---|
| active_gm | Does site have active GM | string | Required Enum: ACTIVE, STANDBY, NONE, INVALID |
| aph_list | Aph services in the site | array of AphInfo | Required |
| cert_hash | Hash of the trustManagerCert | string | |
| cluster_id | Cluster id | string | |
| config_version | Site config version | integer | |
| id | Id of the site | string | Required |
| is_federated | Is site federated | boolean | Required |
| is_local | Is site local | boolean | Required |
| name | Name of the site | string | Required |
| node_type | Type of node | string | Required Enum: GM, LM, GM_AND_LM |
| site_version | Version of the site | string | Required |
| split_brain | Split brain | boolean | |
| system_id | System id | integer | Required |
| trust_manager_cert | Cert string from trust manager | string | |
| vip_ip | Vip ip | string |
FederationSiteMigrationState (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| site_migration_state | Federation site-id and it's migration state map Key-value pair of federation site-id and its migration-state i.e. 'ENABLED' or 'DISABLED'. |
array of KeyValuePair |
FederationStatus (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| active_standby_sync_statuses | Status of synchronization between active and standby sites. | array of ActiveStandbySyncStatus | Required |
| remote_connections | Site connection status | array of SiteStatus |
FeedBack (schema)
Provide details related to feeback for MP to Policy promotion.
Provide details of validation/errors occurred during collection
,translation and apply phase in MP to Policy promotion.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_list | Error array list | array of FeedBackErrorMessage | Required |
| mp_display_name | Manager resource display name | string | Required |
| mp_id | Manager resource id | string | Required |
| type | Manager resource type | string | Required |
FeedBackErrorMessage (schema)
FeedBackErrorMessage
Provide details of error_id and error description for errors occurred during collection
,translation and apply phase in MP to Policy promotion.
| Name | Description | Type | Notes |
|---|---|---|---|
| error_desc | Error description due to which promotion is not successful. | string | Required |
| error_id | Error Id due to which promotion is not successful. | string | Required |
FeedBackListRequestParameters (schema)
FeedBack List Request Parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| location | Location flag Location flag corresponds to the version of feedback. It can be CURRENT - feedback of current promotion ARCHIVED - feedback of previous sucessful promotion |
string | Enum: CURRENT, ARCHIVED Default: "CURRENT" |
| mp_display_name | Specify the mp resource display name to filter corresponding feedbacks. Specify the mp resource display name to filter corresponding feedbacks. |
string | |
| mp_id | Specify the mp resource id to filter corresponding feedbacks. Specify the mp resource id to filter corresponding feedbacks. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_type | Specify the mp resource type to filter corresponding feedbacks. Specify the mp resource type to filter corresponding feedbacks. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FeedBackListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Feedback object list results. Feedback object list results. |
array of FeedBack | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Feedback (schema)
Feedback details
Feedback details.
| Name | Description | Type | Notes |
|---|---|---|---|
| id | Feedback ID Feedback ID. |
string | Readonly |
| message | Feedback message Feedback message. |
string | Readonly |
| severity | Feedback severity Feedback severity. |
ColorCode | Readonly |
FeedbackListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| category | Category on which feedback request should be filtered | string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| federation_site_id | Id of the site in NSX-T Federation Id of the site in NSX-T Federation |
string | |
| hash | Hash based on which feedback request should be filtered | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| network_layer | Network layer for which feedback is generated Network layer for which feedback is generated. This field is mandatory in BYOT modes. |
string | Enum: L2, L3_L7 |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| state | Filter based on current state of the feedback request | string | Enum: ALL, RESOLVED, UNRESOLVED Default: "ALL" |
| sub_category | Sub category based on which feedback request should be filtered | string |
FeedbackListResult (schema)
Feedback list
Feedback list.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Paged collection of feedbacks Paged collection of feedbacks. |
array of Feedback | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FeedbackResponseRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| network_layer | Network layer for which feedback is generated Network layer for which feedback is generated. This field is mandatory in BYOT modes. |
string | Enum: L2, L3_L7 |
FeedbackSummaryListRequestParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| network_layer | Network layer for which feedback is generated Network layer for which feedback is generated. This field is mandatory in BYOT modes. |
string | Enum: L2, L3_L7 |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FeedbacksRequestParameters (schema)
Feedback list request parameters
Feedback list request parameters.
| Name | Description | Type | Notes |
|---|---|---|---|
| workflow_resource | Workflow resource Workflow resource. |
WorkflowResource (Abstract type: pass one of the following concrete types) DvpgAndSegmentWorkflowResource DvpgWorkflowResource SegmentAndBridgeProfileWorkflowResource SegmentWorkflowResource VcWorkflowResource VmGroupWorkflowResource |
Required |
| workflow_type | Workflow type Workflow type. |
WorkflowType | Required |
FieldSanityConstraintExpression (schema)
Represents the field value sanity constraint
Represents the field value constraint to constrain specified field
value based on defined sanity checks.
Example - For DNS.upstream_servers, all the IP addresses must either be
public or private.
{
"target": {
"target_resource_type": "DnsForwarderZone",
"attribute": "upstreamServers",
"path_prefix": "/infra/dns-forwarder-zones/"
},
"constraint_expression": {
"resource_type": "FieldSanityConstraintExpression",
"operator": "OR",
"checks": ["ALL_PUBLIC_IPS", "ALL_PRIVATE_IPS"]
}
}
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| checks | Array of sanity checks to be performed on field value List of sanity checks. |
array of string | Required Enum: ALL_PUBLIC_IPS, ALL_PRIVATE_IPS, ALL_IPV6_CIDRS, ALL_IPV6_IPS, ALL_IPV4_CIDRS, ALL_IPV4_IPS |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| operator | A conditional operator | string | Required Enum: OR, AND |
| resource_type | Must be set to the value FieldSanityConstraintExpression | string | Required Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FieldSetting (schema)
FieldSetting
Field Setting.
| Name | Description | Type | Notes |
|---|---|---|---|
| field_pointer | Field Pointer Field Pointer. |
string | Required |
| value | Value Value that the field must be set to. |
FieldSettingValue (Abstract type: pass one of the following concrete types) ConstantFieldValue |
Required |
FieldSettingValue (schema)
Field Setting Value
Field Setting Value.
This is an abstract type. Concrete child types:
ConstantFieldValue
| Name | Description | Type | Notes |
|---|---|---|---|
| resource_type | Resource Type Field Setting Value resource type. |
string | Required Enum: ConstantFieldValue |
FieldsFilterData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ip_info | IP address information This property is deprecated. Please use the property network_info instead. |
IpInfo | Deprecated |
| network_info | Network layer information Network layer information. |
NetworkInfo | |
| resource_type | Must be set to the value FieldsFilterData | string | Required Enum: FieldsFilterData, PlainFilterData Default: "FieldsFilterData" |
| transport_info | Transport layer information Transport layer information. |
TransportInfo |
FieldsPacketData (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| arp_header | The ARP header | ArpHeader | |
| eth_header | The ethernet header | EthernetHeader | |
| frame_size | Requested total size of the (logical) packet in bytes If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size. |
integer | Minimum: 60 Maximum: 1000 Default: "128" |
| ip_header | The IPv4 header | Ipv4Header | |
| ipv6_header | The IPv6 header | Ipv6Header | |
| payload | RFC3548 compatible base64-encoded payload Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header. |
string | Maximum length: 1336 |
| resource_type | Must be set to the value FieldsPacketData | string | Required Enum: BinaryPacketData, FieldsPacketData Default: "FieldsPacketData" |
| routed | Awareness of logical routing When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate. |
boolean | |
| transport_header | The transport header This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported). |
TransportProtocolHeader | |
| transport_type | Transport type of the traceflow packet This type takes effect only for IP packet. |
string | Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN Default: "UNICAST" |
FileProperties (schema)
File properties
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| created_epoch_ms | File creation time in epoch milliseconds | integer | Required |
| modified_epoch_ms | File modification time in epoch milliseconds | integer | Required |
| name | File name | string | Required Pattern: "^[^/]+$" |
| path | File path | string | Readonly |
| size | Size of the file in bytes | integer | Required |
FilePropertiesListResult (schema)
File properties query results
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | File property results | array of FileProperties | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FileThumbprint (schema)
File thumbprint
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| name | File name | string | Required Pattern: "^[^/]+$" |
| sha1 | File's SHA1 thumbprint | string | Deprecated Required |
| sha256 | File's SHA256 thumbprint | string | Required |
FileTransferAuthenticationScheme (schema)
Remote server authentication details
| Name | Description | Type | Notes |
|---|---|---|---|
| identity_file | SSH private key data | secure_string | |
| password | Password to authenticate with | secure_string | |
| scheme_name | Authentication scheme name | string | Required Enum: PASSWORD, KEY |
| username | User name to authenticate with | string | Required Pattern: "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\){0,1}\w[\w.-]+$" |
FileTransferProtocol (schema)
Protocol to transfer backup file to remote server
| Name | Description | Type | Notes |
|---|---|---|---|
| authentication_scheme | Scheme to authenticate if required | FileTransferAuthenticationScheme | Required |
| protocol_name | Protocol name | string | Required Enum: sftp Default: "sftp" |
| ssh_fingerprint | SSH fingerprint of server The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated. Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' | awk '{print "SHA256:"$1}' |
string | Required Pattern: "^SHA256:.*$" |
FileType (schema)
MalwarePrevention File type
| Name | Description | Type | Notes |
|---|---|---|---|
| FileType | MalwarePrevention File type | string | Enum: DOCUMENT, EXECUTABLE, MEDIA, ARCHIVE, DATA, SCRIPT, OTHER |
Filter (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| name | The name of the filter. | string | Required |
| value | The value of the filter. | string | Required |
FilterRequest (schema)
Filter request
Filter request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| case_sensitive | Flag to indicate whether filtering is case-sensitive or not Set this flag to true to make filtering case-sensitive. |
boolean | Default: "True" |
| field_names | Field Names Comma separated fields to be filtered on |
string | Required |
| value | Value Filter value |
string | Required |
FilterWidgetConfiguration (schema)
Filter widget Configuration
Represents configuration for filter widget. This is abstract representation of filter widget.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| alias | Alias to be used when emitting filter value Alias to be used when emitting filter value. |
string | |
| condition | Expression for evaluating condition If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. |
string | Maximum length: 1024 |
| datasources | Array of Datasource Instances with their relative urls The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. |
array of Datasource | Minimum items: 0 |
| default_filter_value | Default filter value to be passed to datasources Default filter values to be passed to datasources. This will be used when the report is requested without filter values. |
array of DefaultFilterValue | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Widget Title Title of the widget. If display_name is omitted, the widget will be shown without a title. |
string | Maximum length: 255 |
| drilldown_id | Id of drilldown widget Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. |
string | Maximum length: 255 |
| feature_set | Features required to view the widget Features required to view the widget. |
FeatureSet | |
| filter | Id of filter widget for subscription Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. |
string | Deprecated |
| filter_value_required | Flag to indicate if filter value is necessary Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. |
boolean | Default: "True" |
| filters | A List of filter ids applied to this widget configuration A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. |
array of string | |
| footer | Footer | ||
| icons | Icons Icons to be applied at dashboard for widgets and UI elements. |
array of Icon | |
| id | Unique identifier of this resource | string | Sortable |
| is_drilldown | Set as a drilldown widget Set to true if this widget should be used as a drilldown. |
boolean | Default: "False" |
| legend | Legend for the widget Legend to be displayed. If legend is not needed, do not include it. |
Legend | |
| plot_configs | List of plotting configuration for a given widget. List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. |
array of WidgetPlotConfiguration | |
| resource_type | Must be set to the value FilterWidgetConfiguration | string | Required Readonly Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, DropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration Maximum length: 255 |
| rowspan | Vertical span Represents the vertical span of the widget / container. 1 Row span is equal to 20px. |
int | Minimum: 1 |
| shared | Visiblity of widgets to other users Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. |
boolean | Deprecated |
| show_header | This decides to show the container header or not. If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. |
boolean | |
| span | Horizontal span Represents the horizontal span of the widget / container. |
int | Minimum: 1 Maximum: 12 |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| weight | Weightage or placement of the widget or container Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. |
int | Deprecated |
FipsGlobalConfig (schema)
NSX global configs for FIPS compliance settings
Policy api will overwrite the fipsGlobalConfig set using MP api. Always use https://<policyIp>/policy/api/v1/infra/global-config to update fips configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| lb_fips_enabled | A flag to turn on or turn off the FIPS compliance of load balancer feature. This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature. |
boolean | Deprecated Readonly Default: "True" |
| resource_type | Must be set to the value FipsGlobalConfig | GlobalConfigType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FireWallServiceAssociationListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Firewall rule list result Firewall rule list result with pagination support. |
array of FirewallRule | Required Readonly |
| service_type | Must be set to the value FireWallServiceAssociationListResult | string | Required Enum: FireWallServiceAssociationListResult, IpfixServiceAssociationListResult |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FirewallCategory (schema)
Firewall Category
Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.
| Name | Description | Type | Notes |
|---|---|---|---|
| FirewallCategory | Firewall Category Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW. |
string | Readonly Enum: L2DFW, L3DFW, L3BRIDGEPORTFW, L3LOGICALROUTERFW |
FirewallConfiguration (schema)
Firewall related configurations
For Multi-tenancy, only disable_auto_draft field applies, the other fields have no effect.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| disable_auto_drafts | Auto draft deactivate flag To deactivate auto drafts, set it to true. By default, auto drafts are enabled. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_firewall | Firewall enable flag If set to true, Firewall is enabled. |
boolean | Default: "True" |
| global_addrset_mode_enabled | A flag to indicate if global address set is enabled in DFW When this flag is set to true, global address set is enabled in Distributed Firewall. |
boolean | Default: "True" |
| global_macset_optimization_mode_enabled | Global MACSet Optimization Flag MACSet optimization is turned on when this flag is set to true. By default it is set to false. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value FirewallConfiguration | string | Required Enum: DfwFirewallConfiguration |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
FirewallContextType (schema)
Firewall Context Type
Types of firewall contexts.
| Name | Description | Type | Notes |
|---|---|---|---|
| FirewallContextType | Firewall Context Type Types of firewall contexts. |
string | Enum: transport_nodes, logical_routers, bridge_ports |
FirewallCpuMemThresholdsProfile (schema)
Firewall CPU and memory threshold profile
A profile holding CPU and memory threshold configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| cpu_threshold_percentage | CPU utilization threshold percentage CPU utilization threshold percentage to monitor and report for distributed firewall. |
integer | Required Minimum: 10 Maximum: 100 Default: "90" |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| mem_threshold_percentage | Heap memory threshold utilization percentage Heap memory threshold percentage to monitor and report for distributed firewall. |
integer | Required Minimum: 10 Maximum: 100 Default: "90" |
| resource_type | Must be set to the value FirewallCpuMemThresholdsProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FirewallDnsProfile (schema)
Firewall DNS profile
A profile holding DNS configuration which allows firewall to use DNS response packets and manage firewall cache. e.g. TTL used to expire snooped entries from cache.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| dns_ttl_config | DNS TTL config Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response. |
DnsTtlConfig | |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value FirewallDnsProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FirewallFilterByRequestParameters (schema)
Request parameters for filtering entities based on the given criteria
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point_path | Path of the enforcement point Path of the enforcement point from where the result need to be fetched. If not provided, default enforcement point will be considered. It is mandatory parameter on global manager. |
string | |
| parent_path | Path of the parent object of the entities The path of the parent object of entities that are need to be filtered based in the given criteria. Parent path is required for filtering rules of particular policy. |
string | |
| scope | Scope filter criteria All those firewall entities, policies/rules, will be returned whose scope value satisfies the given criteria. The value for scope can be, - virtual machine id or - logical router id. Based on the given scope value, the entities will be filtered. |
string | Required |
FirewallFloodProtectionProfile (schema)
Firewall flood protection profile
A profile holding protection configuration for SYN flood, UDP flood, ICMP flood and other flood attack.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enable_rst_spoofing | Flag to indicate RST spoofing is enabled or not The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled. |
boolean | Default: "False" |
| enable_syncache | Flag to indicate syncache is enabled or not The flag to indicate syncache is enabled or not. This option does not apply to EDGE components. |
boolean | Default: "False" |
| icmp_active_flow_limit | Maximum limit of active icmp connections The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components. |
integer | Minimum: 1 Maximum: 1000000 |
| id | Unique identifier of this resource | string | Sortable |
| nat_active_conn_limit | Maximum limit of active NAT connections The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource. |
integer | Minimum: 1 Maximum: 4294967295 Default: "4294967295" |
| other_active_conn_limit | Maximum limit of other active connections besides udp, icmp and tcp half open connections The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components. |
integer | Minimum: 1 Maximum: 1000000 |
| resource_type | Must be set to the value FirewallFloodProtectionProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_half_open_conn_limit | Maximum limit of half open tcp connections The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components. |
integer | Minimum: 1 Maximum: 1000000 |
| udp_active_flow_limit | Maximum limit of active udp connections The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component. |
integer | Minimum: 1 Maximum: 1000000 |
FirewallGlobalConfig (schema)
NSX global configs for Distributed Firewall
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| global_addrset_mode_enabled | A flag to indicate if global address set is enabled in DFW When this flag is set to true, global address set is enabled in Distributed Firewall. |
boolean | Default: "True" |
| global_fastpath_mode_enabled | A flag to indicate if fast path searching is enabled in DFW This property is deprecated. The fast path mode is always enabled in Distributed Firewall. |
boolean | Deprecated Default: "True" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value FirewallGlobalConfig | GlobalConfigType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
FirewallIdentitySearchFilterValue (schema)
Searching domain entities using a matching filter value
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point enforcement point path, forward slashes must be escaped using %2F. |
string | |
| filter_value | Name search filter value Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard. |
string | Required |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FirewallIdentityStoreLdapServerTestParameters (schema)
Parameters for performing LDAP server test
| Name | Description | Type | Notes |
|---|---|---|---|
| action | LDAP server test requested Type of LDAP server test to perform. |
string | Required Enum: CONNECTIVITY |
| enforcement_point_path | String Path of the enforcement point Enforcement point path, forward slashes must be escaped using %2F. |
string |
FirewallIdentityStoreListRequestParameters (schema)
Firewall identity store list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| enforcement_point_path | String Path of the enforcement point enforcement point path, forward slashes must be escaped using %2F. |
string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FirewallIdentityStoreSyncRequest (schema)
Firewall identity store synchronization request
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Sync type requested Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time. FULL_SYNC - Perform a full synchronization, where the local state of all AD objects is updated. DELTA_SYNC - Perform a delta synchronization, where local AD objects that have changed since the last synchronization are updated. STOP_SYNC - Stop the synchronization process. |
string | Required Enum: FULL_SYNC, DELTA_SYNC, STOP_SYNC |
| delay | Request to execute the sync with some delay in seconds The delay can be added to execute the sync action in the future. |
integer | Minimum: 0 Default: "0" |
| enforcement_point_path | String Path of the enforcement point enforcement point path, forward slashes must be escaped using %2F. |
string |
FirewallInsertParameters (schema)
Parameters to tell where rule/section need to be added. All the params take rule/section Id.
| Name | Description | Type | Notes |
|---|---|---|---|
| id | Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. | string | Maximum length: 64 |
| operation | Operation | string | Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top" |
FirewallListRequestParameters (schema)
Parameters to filter list of sections/rules.
Pagination and Filtering parameters to get only a subset of sections/rules.
| Name | Description | Type | Notes |
|---|---|---|---|
| applied_tos | AppliedTo's referenced by this section or section's Distributed Service Rules . Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| context_profiles | Limits results to sections having rules with specific Context Profiles. The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| deep_search | Toggle to search with direct or indirect references. This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check. |
boolean | Default: "False" |
| destinations | Destinations referenced by this section's Distributed Service Rules . The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| extended_sources | Limits results to sections having rules with specific Extended Sources. The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases. |
string | |
| filter_type | Filter type Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria. |
string | Enum: FILTER, SEARCH Default: "FILTER" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| search_invalid_references | Return invalid references in results. Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos). |
boolean | Default: "False" |
| services | NSService referenced by this section's Distributed Service Rules . Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| sources | Sources referenced by this section's Distributed Service Rules . The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string |
FirewallProfileListParameters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| resource_type | Profile resource type Profile resource type |
string | Required |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FirewallProfileListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | List of the firewall profiles List of firewall profiles. |
array of BaseFirewallProfile (Abstract type: pass one of the following concrete types) FirewallCpuMemThresholdsProfile FirewallDnsProfile FirewallFloodProtectionProfile FirewallSessionTimerProfile GeneralSecuritySettingsProfile |
Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FirewallRule (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _owner | Owner of this resource | OwnerResourceLink | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| action | Action Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures. |
string | Required Enum: ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT, DETECT, ALLOW_CONTINUE, DETECT_PREVENT |
| applied_tos | AppliedTo List List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| context_profiles | Context Profiles NS Profile object which accepts attributes and sub-attributes of various network services (ex. L7 AppId, domain name, encryption algorithm) as key value pairs. |
array of ResourceReference | Maximum items: 128 |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destinations | Destination List List of the destinations. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| destinations_excluded | Negation of destination Negation of the destination. |
boolean | Default: "False" |
| direction | Rule direction Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Rule enable/disable flag Flag to disable rule. Disabled will only be persisted but never provisioned/realized. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| extended_sources | Extended Sources List of NSGroups that have end point attributes like AD Groups(SID), process name, process hash etc. For Flash release, only NSGroups containing AD Groups are supported. |
array of ResourceReference | Maximum items: 128 |
| id | Identifier of the resource | string | Readonly |
| ip_protocol | IPv4 vs IPv6 packet type Type of IP packet that should be matched while enforcing the rule. |
string | Enum: IPV4, IPV6, IPV4_IPV6 Default: "IPV4_IPV6" |
| is_default | Default rule Flag to indicate whether rule is default. |
boolean | Readonly |
| logged | Enable logging flag Flag to enable packet logging. Default is disabled. |
boolean | Default: "False" |
| notes | Notes User notes specific to the rule. |
string | Maximum length: 2048 |
| priority | Rule priority Priority of the rule. |
integer | Readonly |
| resource_type | Must be set to the value FirewallRule | string | |
| rule_tag | Tag User level field which will be printed in CLI and packet logs. |
string | Maximum length: 32 |
| section_id | Section Id Section Id of the section to which this rule belongs to. |
string | Readonly |
| services | Service List List of the services. Null will be treated as any. |
array of FirewallService | Maximum items: 128 |
| sources | Source List List of sources. Null will be treated as any. |
array of ResourceReference | Maximum items: 128 |
| sources_excluded | Negation of source Negation of the source. |
boolean | Default: "False" |
FirewallRuleList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rules | List of the firewall rules List of firewall rules in the section. Only homogenous rules are supported. |
array of FirewallRule | Required Maximum items: 1000 |
FirewallRuleListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Firewall rule list result Firewall rule list result with pagination support. |
array of FirewallRule | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FirewallSection (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| applied_tos | AppliedTo List List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo. |
array of ResourceReference | Maximum items: 128 |
| autoplumbed | Tells if a section is auto-plumbed or not This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API. |
boolean | Readonly Default: "False" |
| category | Section category Category from policy framework. |
string | Readonly |
| comments | Section lock/unlock comments Comments for section lock/unlock. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enforced_on | Firewall Section Enforcement type This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value. |
string | Readonly |
| firewall_schedule | Firewall Schedule Reference Reference of the firewall schedule during which this section will be valid. |
ResourceReference | |
| id | Unique identifier of this resource | string | Sortable |
| is_default | Default section flag It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section. |
boolean | Readonly |
| lock_modified_by | Lock modified by user ID of the user who last modified the lock for the section. |
string | Readonly |
| lock_modified_time | Section locked/unlocked time Section locked/unlocked time in epoch milliseconds. |
EpochMsTimestamp | Readonly |
| locked | Section Locked Section is locked/unlocked. |
boolean | Readonly Default: "False" |
| priority | Section priority Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority. |
integer | Readonly |
| resource_type | Must be set to the value FirewallSection | string | |
| rule_count | Rule count Number of rules in this section. |
integer | Readonly |
| section_type | Section Type Type of the rules which a section can contain. Only homogeneous sections are supported. |
string | Required Enum: LAYER2, LAYER3, L3REDIRECT, IDS |
| stateful | Stateful nature of the distributed service rules in the section. Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless. |
boolean | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_strict | TCP Strict If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet. |
boolean | Default: "False" |
FirewallSectionFilterParameters (schema)
Parameters to filter section from list of sections
Pagination and Filtering parameters to get only a subset of sections.
| Name | Description | Type | Notes |
|---|---|---|---|
| applied_tos | AppliedTo's referenced by this section or section's Distributed Service Rules . Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| context_profiles | Limits results to sections having rules with specific Context Profiles. The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases. |
string | |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| deep_search | Toggle to search with direct or indirect references. This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check. |
boolean | Default: "False" |
| destinations | Destinations referenced by this section's Distributed Service Rules . The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| enforced_on | Limit result to sections having a specific kind of enforcement point Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported. |
AttachmentTypeQueryString | |
| exclude_applied_to_type | Limit result to sections not having a specific AppliedTo type Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param. |
DSAppliedToType | |
| extended_sources | Limits results to sections having rules with specific Extended Sources. The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases. |
string | |
| filter_type | Filter type Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria. |
string | Enum: FILTER, SEARCH Default: "FILTER" |
| include_applied_to_type | Limit result to sections having a specific AppliedTo type Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param. |
DSAppliedToType | |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| locked | Limit results to sections which are locked/unlocked Used to filter out locked or unlocked sections. |
boolean | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| search_invalid_references | Return invalid references in results. Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos). |
boolean | Default: "False" |
| search_scope | Limit result to sections of a specific enforcement point This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall. |
string | |
| services | NSService referenced by this section's Distributed Service Rules . Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string | |
| sources | Sources referenced by this section's Distributed Service Rules . The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases. |
string | |
| type | Section Type Section Type with values layer2 or layer3 |
string | Enum: LAYER2, LAYER3 Default: "LAYER3" |
FirewallSectionListResult (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Section list List of the firewall sections. The list has to be homogenous. |
array of FirewallSection | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FirewallSectionLock (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| comments | Comments Comments for section lock/unlock. |
string | Required Minimum length: 4 Maximum length: 4096 |
| section_revision | Section revision Revision of the section. |
integer | Required |
FirewallSectionRuleList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| applied_tos | AppliedTo List List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo. |
array of ResourceReference | Maximum items: 128 |
| autoplumbed | Tells if a section is auto-plumbed or not This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API. |
boolean | Readonly Default: "False" |
| category | Section category Category from policy framework. |
string | Readonly |
| comments | Section lock/unlock comments Comments for section lock/unlock. |
string | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enforced_on | Firewall Section Enforcement type This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value. |
string | Readonly |
| firewall_schedule | Firewall Schedule Reference Reference of the firewall schedule during which this section will be valid. |
ResourceReference | |
| id | Unique identifier of this resource | string | Sortable |
| is_default | Default section flag It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section. |
boolean | Readonly |
| lock_modified_by | Lock modified by user ID of the user who last modified the lock for the section. |
string | Readonly |
| lock_modified_time | Section locked/unlocked time Section locked/unlocked time in epoch milliseconds. |
EpochMsTimestamp | Readonly |
| locked | Section Locked Section is locked/unlocked. |
boolean | Readonly Default: "False" |
| priority | Section priority Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority. |
integer | Readonly |
| resource_type | Must be set to the value FirewallSectionRuleList | string | |
| rule_count | Rule count Number of rules in this section. |
integer | Readonly |
| rules | List of the firewall rules List of firewall rules in the section. Only homogenous rules are supported. |
array of FirewallRule | Required Maximum items: 1000 |
| section_type | Section Type Type of the rules which a section can contain. Only homogeneous sections are supported. |
string | Required Enum: LAYER2, LAYER3, L3REDIRECT, IDS |
| stateful | Stateful nature of the distributed service rules in the section. Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless. |
boolean | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_strict | TCP Strict If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet. |
boolean | Default: "False" |
FirewallSectionState (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| details | Array of configuration state of various sub systems | array of ConfigurationStateElement | Readonly |
| failure_code | Error code | integer | Readonly |
| failure_message | Error message in case of failure | string | Readonly |
| pending_change_list | List of pending changes Pending changes to be realized. |
array of PendingChange | Required Maximum items: 100 |
| revision_desired | Section's desired state revision number This attribute represents revision number of section's desired state. |
integer | Readonly |
| state | Overall state of desired configuration Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. |
string | Required Readonly Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, in_sync, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, REGISTRATION_TIMEDOUT, REPLACE_FAILED, UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED, LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING, DELETE_VM_IN_REDEPLOY_FAILED, DEPLOY_VM_IN_REDEPLOY_FAILED, INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE, VM_RESOURCE_RESERVATION_FAILED, DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER, DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, EDGE_NODE_SETTINGS_MISMATCH_RESOLVE, EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE, EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE, EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE, COMPUTE_MANAGER_NOT_FOUND, DELETE_IN_PROGRESS, ADVANCED_CONFIG_EDIT_FAILED, UPT_MODE_REALIZATION_POLL_TIMED_OUT, DATAPATH_CONFIGURATION_EDIT_FAILED, MAINTENANCE_MODE_ENABLED, ERROR_IN_ENABLE_MAINTENANCE_MODE, ERROR_IN_DISABLE_MAINTENANCE_MODE, CONFIGURE_UPT_ON_VM_FAILED, VM_VERSION_IS_UPT_INCOMPATIBLE, DELETE_FAILED_FOR_DIFFERENT_MOREF_ID, DELETE_FAILED_ON_VM_NOT_FOUND, DELETE_FAILED_FOR_NON_LCM_EDGE, ADVANCED_CONFIG_EDIT_PENDING, DUPLICATE_VLANS_SHARING_SAME_PNIC, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, REDEPLOY_ACTIVITY_FAILED, REDEPLOY_ACTIVITY_IN_PROGRESS, REDEPLOY_ACTIVITY_SCHEDULED, REDEPLOY_ACTIVITY_SUCCESSFUL, REPLACE_ACTIVITY_FAILED, REPLACE_ACTIVITY_IN_PROGRESS, REPLACE_ACTIVITY_SCHEDULED, REPLACE_ACTIVITY_SUCCESSFUL, REPLACED_RPC_CLIENT_OF_TN, RETRYING_REPLACE, UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR, VM_REDEPLOY_FAILED, VM_RESOURCE_RESERVATION_EDIT_PENDING, REDEPLOYED_VM_REGISTRATION_PENDING |
FirewallSectionsSummary (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| rule_count | Rule count Total number of rules in the section. |
integer | Readonly |
| section_count | Section count Total number of sections for the section type. |
integer | Readonly |
| section_type | Section Type Type of rules which a section can contain. |
FirewallCategory | Readonly |
FirewallSectionsSummaryList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| last_compute_time | Timestamp of the last computation, in epoch milliseconds. | EpochMsTimestamp | Readonly |
| sections_summary | List of the firewall sections summary List of firewall sections summary. |
array of FirewallSectionsSummary | Readonly |
FirewallService (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| is_valid | Target validity Will be set to false if the referenced NSX resource has been deleted. |
boolean | Readonly |
| service | Distributed Service Network and Security Service element Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService. |
NSServiceElement (Abstract type: pass one of the following concrete types) ALGTypeNSService EtherTypeNSService ICMPTypeNSService IGMPTypeNSService IPProtocolNSService L4PortSetNSService |
|
| target_display_name | Target display name Display name of the NSX resource. |
string | Readonly Maximum length: 255 |
| target_id | Target ID Identifier of the NSX resource. |
string | Maximum length: 64 |
| target_type | Target type Type of the NSX resource. |
string | Maximum length: 255 |
FirewallSessionTimerProfile (schema)
Firewall Session timeout profile
A profile holding TCP, UDP and ICMP session timeout configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| icmp_error_reply | Timeout after ICMP error The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "10" |
| icmp_first_packet | First packet connection timeout The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "20" |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value FirewallSessionTimerProfile | string | Required Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile, GeneralSecuritySettingsProfile |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_closed | Timeout after RST The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "20" |
| tcp_closing | Timeout after first TN The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "120" |
| tcp_established | Connection timeout The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 120 Maximum: 4320000 Default: "43200" |
| tcp_finwait | Timeout after FINs exchanged The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "45" |
| tcp_first_packet | Connection timout after first packet The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "120" |
| tcp_opening | Connection timout after second packet The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "30" |
| udp_first_packet | Connection timout after first packet The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "60" |
| udp_multiple | Timeout after hosts sent packet The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "60" |
| udp_single | Connection timeout for destination The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. |
integer | Required Minimum: 10 Maximum: 4320000 Default: "30" |
FirewallStats (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| byte_count | Bytes count Aggregated number of bytes processed by the rule. |
integer | Readonly |
| hit_count | Hits count Aggregated number of hits received by the rule. |
integer | Readonly |
| l7_accept_count | L7 Accept count Aggregated number of L7 Profile Accepted counters received by the rule. |
integer | Readonly |
| l7_reject_count | L7 Reject count Aggregated number of L7 Profile Rejected counters received by the rule. |
integer | Readonly |
| l7_reject_with_response_count | L7 Reject with response count Aggregated number of L7 Profile Rejected with Response counters received by the rule. |
integer | Readonly |
| max_popularity_index | The maximum popularity index Maximum value of popularity index of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
| max_session_count | Maximum sessions count Maximum value of sessions count of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
| packet_count | Packets count Aggregated number of packets processed by the rule. |
integer | Readonly |
| popularity_index | The index of the popularity of firewall rule This is calculated by sessions count divided by age of the rule. |
integer | Readonly |
| rule_id | Firewall rule Id Rule Identifier of the Firewall rule. This is a globally unique number. |
string | Readonly |
| session_count | Sessions count Aggregated number of sessions processed by the rule. |
integer | Readonly |
| total_session_count | Total sessions count Aggregated number of sessions processed by the all firewall rules. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
FirewallStatsList (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| result_count | Firewall rules stats count Total count for firewall rule statistics in results set |
integer | Required Readonly |
| results | Firewall rules stats List of rule statistics |
array of FirewallStats | Readonly Maximum items: 1000 |
| section_id | Firewall section ID Corresponding firewall section identifier for list of rule statistics |
string | Required Readonly |
FirewallStatus (schema)
Firewall Status Response
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| context | Firewall Context Type Types of firewall contexts. |
FirewallContextType | Required |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| global_status | Firewall Status Type Firewall status for a fabric entity or in global context where firewall is supported. |
FirewallStatusType | Required |
| id | Unique identifier of this resource | string | Sortable |
| resource_type | Must be set to the value FirewallStatus | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| target_statuses | List of target resource status List of firewall status on various target logical resources. This will override the global status of corresponding firewall context (e.g it will override the gloabal status of logical_routers). |
array of TargetResourceStatus |
FirewallStatusListResult (schema)
Firewall Statuses
List of firewall statuses for a context or all context
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | array of FirewallStatus | Required Readonly |
|
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FirewallStatusType (schema)
Firewall Status Type
Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).
| Name | Description | Type | Notes |
|---|---|---|---|
| FirewallStatusType | Firewall Status Type Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes). |
string | Enum: DISABLED, ENABLED |
FirstNSampling (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| match_number | Number of packets to be sampled | integer | Required Minimum: 1 Maximum: 65535 |
| sampling_type | Must be set to the value FirstNSampling | string | Required Enum: FirstNSampling, PacketNumberSampling, IntervalSampling |
FloodProtectionProfile (schema)
Flood Protection profile
A profile holding TCP, UDP and ICMP and other protcol connection limits.
This is an abstract type. Concrete child types:
DistributedFloodProtectionProfile
GatewayFloodProtectionProfile
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| icmp_active_flow_limit | Active ICMP connections limit If this field is empty, firewall will not set a limit to active ICMP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| other_active_conn_limit | Timeout after first TN If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value FloodProtectionProfile | FloodProtectionProfileResourceType | Required |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_half_open_conn_limit | Active half open TCP connections limit If this field is empty, firewall will not set a limit to half open TCP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| udp_active_flow_limit | Active UDP connections limit If this field is empty, firewall will not set a limit to active UDP connections. |
integer | Minimum: 1 Maximum: 1000000 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
FloodProtectionProfileBindingListResult (schema)
Paged Collection of flood protection profile binding maps
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Flood protection profile binding maps list results | array of FloodProtectionProfileBindingMap | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FloodProtectionProfileBindingMap (schema)
Policy Flood Protection Profile binding map
This entity will be used to establish association between Flood Protection
profile and Logical Routers.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profile_path | Profile Path PolicyPath of associated Profile |
string | Required |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value FloodProtectionProfileBindingMap | string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
FloodProtectionProfileListRequestParameters (schema)
Flood Protection profile list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
FloodProtectionProfileListResult (schema)
Paged Collection of flood protection profiles
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Flood protection profile list results | array of FloodProtectionProfile (Abstract type: pass one of the following concrete types) DistributedFloodProtectionProfile GatewayFloodProtectionProfile |
Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
FloodProtectionProfileResourceType (schema)
Resource types of flood protection profiles
GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways.
DistributedFloodProtectionProfile is used for all Transport Nodes.
| Name | Description | Type | Notes |
|---|---|---|---|
| FloodProtectionProfileResourceType | Resource types of flood protection profiles GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes. |
string | Enum: GatewayFloodProtectionProfile, DistributedFloodProtectionProfile |
FlowCacheStatistics (schema)
Flow cache statistics
Provides the following statistics for flow cache since the time the edge
dataplane is UP:
- Number of active entries.
- Number of cache entry insertions.
- Number of bucket collisions when the entry insertion happens to
a bucket which is full.
- Number of key collisions when the entry to be inserted has a key
colliding with that of an existing entry.
- Number of cache hits, hit_rate, misses and skips.
- Number of packets that cannot be cached.
- Number of maximum entries with respect to size.
| Name | Description | Type | Notes |
|---|---|---|---|
| active | Active The number of current active entries in the flow cache. |
string | |
| bucket_collisions | Bucket collisions The total number of times when during an entry insertion, the corresponding bucket is full with unexpired entries. This collision will result in a flow cache miss. This is valid only for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| dont_cache | Dont cache The total number of packets that cannot be cached. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| hit_rate | Hit rate The rate at which the packets matching the flow cache are forwarded. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| hits | Hits The total number of packets forwarded due to matching flow cache entry. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| insertions | Insertions The total number of times a new flow cache entry is added. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| key_collisions | Key collisions The total number of times a newly inserted entry has a key colliding with that of an existing entry. In this case, the new entry will replace the existing entry. This is only valid for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| max_seen_percentage | Max seen percentage The percentage of maximum entries in a flow cache with respect to total size. This is collected from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| misses | Misses The total number of packets passed on to the next layer due to cache miss. The next layer can be either slow path (in case of megaflow cache) or megaflow cache (in case of microflow cache). The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string | |
| skipped | Skipped The total number of packet misses due to unsupported packet type or the cache is disabled. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart. |
string |
FlowInfo (schema)
Details of config flow
Provides details of config flow in federation
Federation has the following flows
- Global Manager to Local Manager (GM -> LM)
- Local Manager to Glocal Manager (LM -> GM)
- Global Manager Active to Glocal Manager Standby (GM -> GM)
- Local Manager to Local Manager (LM -> LM)
| Name | Description | Type | Notes |
|---|---|---|---|
| cross_site_flow_info | Corss site flow information for the flow | CrossSiteFlowInfo | |
| flow_type | Flow identifier | string | Enum: GM_TO_LM, LM_TO_GM, GM_TO_GM, LM_TO_LM, GM_WORK_QUEUE, GM_DELETE_QUEUE |
| id | System identifier for the flow | string | |
| queue_infos | Queue information for the flow Every flow will have transmitter and receiver queues. |
array of FederationQueueInfo |
Flows (schema)
Flows
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Flow information Flow information |
array of FlowInfo | |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
Footer (schema)
Widget Footer
Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.
| Name | Description | Type | Notes |
|---|---|---|---|
| actions | Footer Actions Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API. |
array of FooterAction | Minimum items: 0 |
| condition | Expression for evaluating condition If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. |
string | Maximum length: 1024 |
FooterAction (schema)
Widget Footer Action
Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.
| Name | Description | Type | Notes |
|---|---|---|---|
| dock_to_container_footer | Dock the footer at container If true, the footer will appear in the underlying container that holds the widget. |
boolean | Default: "True" |
| label | Label for action Label to be displayed against the footer action. |
Label | Required |
| url | Clickable hyperlink, if any Hyperlink to the UI page that provides details of action. |
string | Maximum length: 1024 |
ForceRevisionCheckRequestParameter (schema)
Parameter to enforce revision check before updating objects
Forces revision check before updating
| Name | Description | Type | Notes |
|---|---|---|---|
| enforce_revision_check | Force revision check If this is set to true, each child object in the request needs to have _revision property set correctly. System will honor the revision numbers while updating the resources. |
boolean | Default: "False" |
FormFactorDetail (schema)
Detail about form factor
Form factor contains, resources required to deploy
NSX Application Platform deployment and available features for a given
form factor.
| Name | Description | Type | Notes |
|---|---|---|---|
| node_resources | Node resources Required node resources to deploy NSX Application Platform deployment. |
NodeResources | |
| supported_features | Supported features Features supported in this form factor. |
array of string |
FormFactorType (schema)
Form factor types
Form factor types.
standard - Deployment with standard configuration.
advanced - Deployment with advanced configuration.
evaluation - Deployment with evaluation configuration.
| Name | Description | Type | Notes |
|---|---|---|---|
| FormFactorType | Form factor types Form factor types. standard - Deployment with standard configuration. advanced - Deployment with advanced configuration. evaluation - Deployment with evaluation configuration. |
string | Enum: standard, advanced, evaluation |
FormFactors (schema)
NSX Application Platform deployment platform form factors
Different form factor for deployment.
| Name | Description | Type | Notes |
|---|---|---|---|
| advanced | Advanced form factor Advanced form factor to deploy charts. |
FormFactorDetail | |
| evaluation | Evaluation form factor Evaluation form factor to deploy charts. |
FormFactorDetail | |
| standard | Standard form factor Standard form factor to deploy charts. |
FormFactorDetail |
ForwarderZone (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| source_ip | Source ip of the forwarder The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used. |
IPv4Address | |
| upstream_servers | Ips of upsteam DNS servers Ip address of the upstream DNS servers the DNS forwarder accesses. |
array of IPv4Address | Required Minimum items: 1 Maximum items: 3 |
ForwardingMode (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| ForwardingMode | string | Enum: IPV4_ONLY, IPV6_ONLY, IPV4_AND_IPV6 |
ForwardingPolicy (schema) (Deprecated)
Forwarding Policy
Contains ordered list of forwarding rules that determine when to
forward traffic to / from the underlay for accessing cloud native services.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| category | A way to classify a security policy, if needed. - Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are "Ethernet","Emergency", "Infrastructure" "Environment" and "Application". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories "Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules", "AutoServiceRules" and "Default", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the users can add/modify/delete rules from only the "SharedPreRules" and "LocalGatewayRules" categories. If user doesn't specify the category then defaulted to "Rules". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, "Default" category is the placeholder default rules with lowest in the order of priority. |
string | |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource (Abstract type: pass one of the following concrete types) ChildForwardingRule |
|
| comments | SecurityPolicy lock/unlock comments Comments for security policy lock/unlock. |
string | |
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| internal_sequence_number | Internal sequence number This field is to indicate the internal sequence number of a policy with respect to the policies across categories. |
int | Readonly |
| is_default | Default policy flag A flag to indicate whether policy is a default policy. |
boolean | Readonly |
| lock_modified_by | User who locked the security policy ID of the user who last modified the lock for the secruity policy. |
string | Readonly |
| lock_modified_time | SecuirtyPolicy locked/unlocked time SecurityPolicy locked/unlocked time in epoch milliseconds. |
EpochMsTimestamp | Readonly |
| locked | Lock a security policy Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ForwardingPolicy | string | |
| rule_count | Rule count The count of rules in the policy. |
int | Readonly |
| rules | Rules that are a part of this ForwardingPolicy | array of ForwardingRule | |
| scheduler_path | Path to the scheduler for time based scheduling Provides a mechanism to apply the rules in this policy for a specified time duration. |
string | |
| scope | The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number to resolve conflicts across Domains This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999. |
int | Minimum: 0 |
| stateful | Stateful nature of the entries within this security policy. Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless. |
boolean | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| tcp_strict | Enforce strict tcp handshake before allowing data packets Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true. |
boolean | |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ForwardingPolicyListResult (schema) (Deprecated)
Paged Collection of ForwardingPolicy objects
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | ForwardingPolicy list results | array of ForwardingPolicy | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ForwardingPolicyStatisticsForEnforcementPoint (schema) (Deprecated)
Forwarding Policy statistics for an enforcement point
Forwarding policy statistics for a specfic enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point | Enforcement point path Path for a specific enforcement point |
string | Readonly |
| statistics | Forwarding Policy Statistics Statistics for the specified enforcement point |
ForwardingPolicyStats | Readonly |
ForwardingPolicyStatisticsListResult (schema) (Deprecated)
Paged Collection of Forwarding Policy statistics
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Forwarding Policy statistics list results | array of ForwardingPolicyStatisticsForEnforcementPoint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ForwardingPolicyStats (schema) (Deprecated)
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Forwarding rules stats List of rule statistics. |
array of ForwardingRuleStats | Readonly |
| section_id | Forwarding Policy ID Forwarding policy identifier. |
string | Required Readonly |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ForwardingRule (schema) (Deprecated)
Forwarding rule
Forwarding rule that determine how to forward traffic from a VM.
Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port.
Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay
ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay
ROUTE_TO_OVERLAY - Access a service on overlay space from a VM connected to hybrid port.
ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM
ROUTE_FROM_OVERLAY - Access a service hosted on a VM (that is connected to hybrid port) from overlay space
NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP
NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| action | Action The action to be applied to all the services |
string | Enum: ROUTE_TO_UNDERLAY, ROUTE_TO_OVERLAY, ROUTE_FROM_UNDERLAY, ROUTE_FROM_OVERLAY, NAT_FROM_UNDERLAY, NAT_TO_UNDERLAY |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| destination_groups | Destination group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| destinations_excluded | Negation of destination groups If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups |
boolean | Default: "False" |
| direction | Direction Define direction of traffic. |
string | Enum: IN, OUT, IN_OUT Default: "IN_OUT" |
| disabled | Flag to deactivate the rule Flag to deactivate the rule. Default is activated. |
boolean | Default: "False" |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| id | Unique identifier of this resource | string | Sortable |
| ip_protocol | IPv4 vs IPv6 packet type Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null. |
string | Enum: IPV4, IPV6, IPV4_IPV6 |
| is_default | Default rule flag A flag to indicate whether rule is a default rule. |
boolean | Readonly |
| logged | Enable logging flag Flag to enable packet logging. Default is deactivated. |
boolean | Default: "False" |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| notes | Text for additional notes on changes User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters. |
string | Maximum length: 2048 |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| profiles | Layer 7 service profiles or TLS action profile Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed. |
array of string | Maximum items: 128 |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM. |
string | Readonly |
| resource_type | Must be set to the value ForwardingRule | string | |
| rule_id | Unique rule ID This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on. |
integer | Readonly |
| scope | The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs. |
array of string | Maximum items: 128 |
| sequence_number | Sequence number of the this Rule This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number |
int | Minimum: 0 |
| service_entries | Raw services In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null. |
array of ServiceEntry (Abstract type: pass one of the following concrete types) ALGTypeServiceEntry EtherTypeServiceEntry ICMPTypeServiceEntry IGMPTypeServiceEntry IPProtocolServiceEntry L4PortSetServiceEntry NestedServiceServiceEntry |
Maximum items: 128 |
| services | Names of services In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| source_groups | Source group paths We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. |
array of string | Maximum items: 128 |
| sources_excluded | Negation of source groups If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups |
boolean | Default: "False" |
| tag | Tag applied on the rule User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters. |
string | |
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
| unique_id | A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. |
string | Readonly |
ForwardingRuleListRequestParameters (schema) (Deprecated)
ForwardingRule list request parameters
| Name | Description | Type | Notes |
|---|---|---|---|
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | |
| include_mark_for_delete_objects | Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included. |
boolean | Default: "False" |
| included_fields | Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. |
string | |
| page_size | Maximum number of results to return in this page (server may return fewer) | integer | Minimum: 0 Maximum: 1000 Default: "1000" |
| sort_ascending | boolean | ||
| sort_by | Field by which records are sorted | string |
ForwardingRuleListResult (schema) (Deprecated)
Paged Collection of ForwardingRules
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | Rule list results | array of ForwardingRule | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ForwardingRuleStatisticsForEnforcementPoint (schema) (Deprecated)
Forwarding Policy Rule statistics for an enforcement point
Forwarding Rule statistics for a specfic enforcement point.
| Name | Description | Type | Notes |
|---|---|---|---|
| enforcement_point | Enforcement point path Path for a specific enforcement point |
string | Readonly |
| statistics | Forwarding Rule Statistics Statistics for the specified enforcement point |
ForwardingRuleStats | Readonly |
ForwardingRuleStatisticsListResult (schema) (Deprecated)
Paged Collection of Forwarding rule statistics
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| cursor | Opaque cursor to be used for getting next page of records (supplied by current result page) | string | Readonly |
| result_count | Count of results found (across all pages), set only on first page | integer | Readonly |
| results | ForwardingRuleStatistics list results | array of ForwardingRuleStatisticsForEnforcementPoint | Required |
| sort_ascending | If true, results are sorted in ascending order | boolean | Readonly |
| sort_by | Field by which records are sorted | string | Readonly |
ForwardingRuleStats (schema) (Deprecated)
Forwarding Policy Rule Statistics
FP Rule Statistics.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| byte_count | Bytes count Aggregated number of bytes processed by the rule. |
integer | Readonly |
| hit_count | Hits count Aggregated number of hits received by the rule. |
integer | Readonly |
| internal_rule_id | NSX internal rule id Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created. |
string | Readonly |
| l7_accept_count | L7 Accept count Aggregated number of L7 Profile Accepted counters received by the rule. |
integer | Readonly |
| l7_reject_count | L7 Reject count Aggregated number of L7 Profile Rejected counters received by the rule. |
integer | Readonly |
| l7_reject_with_response_count | L7 Reject with response count Aggregated number of L7 Profile Rejected with Response counters received by the rule. |
integer | Readonly |
| lr_path | Logical Router (Tier-0/Tier1) path Path of the LR on which the section is applied in case of Edge FW. |
string | Readonly |
| max_popularity_index | The maximum popularity index Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
| max_session_count | Maximum Sessions count Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
| packet_count | Packets count Aggregated number of packets processed by the rule. |
integer | Readonly |
| popularity_index | The index of the popularity of rule This is calculated by sessions count divided by age of the rule. |
integer | Readonly |
| rule | Rule path Path of the rule. |
string | Readonly |
| session_count | sessions count Aggregated number of sessions processed by the rule. |
integer | Readonly |
| total_session_count | Total Sessions count Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. |
integer | Readonly |
FpCounters (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| rx_bytes | Count of rx bytes of ENS-Fastpath/FC-lookup. | integer | Readonly |
| rx_drops | Count of rx packet drops of ENS Fastpath / Not applicable for FC Module. | integer | Readonly |
| rx_drops_sp | Count of rx pkts drops of slowpath / Not applicable for FC Module. | integer | Readonly |
| rx_drops_uplink | Count of rx packet drops of ENS Uplink / Not applicable for FC Module. | integer | Readonly |
| rx_pkts | Count of rx packets of ENS Fastpath / Count of rx packets at FC lookup of vnic. | integer | Readonly |
| rx_pkts_sp | Count of rx pkt of slowpath / Not applicable for FC Module. | integer | Readonly |
| rx_pkts_uplink | Count of rx packets of ENS Uplink / Count of rx packets at FC lookup of Uplink. | integer | Readonly |
| tx_bytes | Count of tx bytes of ENS/FC Fastpath | integer | Readonly |
| tx_drops | Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic | integer | Readonly |
| tx_drops_sp | Count of tx pkts drops by slowpath / Not applicable for FC Module. | integer | Readonly |
| tx_drops_uplink | Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink. | integer | Readonly |
| tx_pkts | Count of tx packets of ENS Fastpath / Count of packets going through FC fastpath at vnic. | integer | Readonly |
| tx_pkts_sp | Count of tx pkts of ENS/FC slowpath | integer | Readonly |
| tx_pkts_uplink | Count of tx packets of ENS Uplink / Count of packets going through FC fastpath at Uplink. | integer | Readonly |
FqdnAnalysisConfig (schema)
FQDN Analysis feature configuration entity
The type contains information about the configuration of the FqdnAnalysis feature for a
specific node.
| Name | Description | Type | Notes |
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
| _create_user | ID of the user who created this resource | string | Readonly |
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
| _last_modified_user | ID of the user who last modified this resource | string | Readonly |
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| _system_owned | Indicates system owned resource | boolean | Readonly |
| children | Subtree for this type within policy tree Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only. |
array of ChildPolicyConfigResource Children are not allowed for this type |
|
| description | Description of this resource | string | Maximum length: 1024 Sortable |
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
| enabled | Enabled Property which specifies the enabling/disabling of the feature. |
boolean | Default: "False" |
| id | Unique identifier of this resource | string | Sortable |
| marked_for_delete | Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. |
boolean | Readonly Default: "False" |
| origin_site_id | A unique identifier assigned by the system for knowing which site owns an object This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+. |
string | Readonly |
| overridden | Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. |
boolean | Readonly Default: "False" |
| owner_id | A unique identifier assigned by the system for the ownership of an object This is a UUID generated by the system for knowing who owns this object. This is used in NSX+. |
string | Readonly |
| parent_path | Path of its parent Path of its parent |
string | Readonly |
| path | Absolute path of this object Absolute path of this object |
string | Readonly |
| realization_id | A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. |
string | Readonly |
| relative_path | Relative path of this object Path relative from its parent |
string | Readonly |
| remote_path | Path of the object on the remote end. This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only fo |